Kevin Beaumont on Nostr: Regarding CVE-2024-6387 aka regreSSHion - the OpenSSH vuln. - it’s a valid find and ...
Regarding CVE-2024-6387 aka regreSSHion - the OpenSSH vuln.
- it’s a valid find and you should patch as usual
- you won’t see a logo from me
- it isn’t a ../.. style RCE vuln - requires significant development knowledge to write an exploit, which isn’t public, and requires a whole bunch of resources to exploit on Linux where ASLR is working properly
- it only applies to new SSH releases in the past few years. Many enterprise and IoT Linux distros ship older versions that don’t have the vuln