OpenSSH Vulnerability - May Be of Interest to Sysadmins

wizardfromoz

I have only read the following as of today. I was running my monthly updates on (Arch-based) EndeavourOS, whose Welcome Screen features a Software News button and prompts me to read unread bulletins.

This, from Qualys, is long, but definitely not TL;DR for those whom it may affect.

Labelled CVE-2024-6387 - when I read it I hurried back here to see if we had it covered in our

Linux Security Announcements (Automated)

... and our LinuxBot (not to be confused with the defunct AI tool TuxBot) had indeed trawled it in on Monday 1st July.

You can read more about it here

https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

and here

https://blog.qualys.com/vulnerabili...ode-execution-vulnerability-in-openssh-server

The exploit originates in 2006 and was patched then, but a mistake in 2020 reintroduced it, apparently.

OpenSSH (Open Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which is vital for secure communication over unsecured networks. It provides robust encryption to ensure privacy and secure file transfers, making it an essential tool for remote server management and secure data communication.

I cannot assist further on this matter as it is beyond my skillset, but do be attentive, won't you?

Cheers

Wizard

Thanks @wizardfromoz! :) It was already posted two days ago in another topic. ;)

The exploit originates in 2006 and was patched then, but a mistake in 2020 reintroduced it, apparently.
The question remains whether it was another mistake or on purpose, as the other CVE, with xz-utils, was from only a few months ago.