Warning for Linux users: OpenSSH vulnerability poses risk of system takeover

Linux users should take heed: A new vulnerability in OpenSSH poses a serious risk of system takeover, prompting caution and immediate updates.

Jul 3, 2024 - 10:02
Warning for Linux users: OpenSSH vulnerability poses risk of system takeover
Qualys has successfully developed an exploit for the vulnerability and shared it with the OpenSSH team.

New OpenSSH vulnerability threatens Linux systems with remote code execution

Qualys Threat Research Unit (TRU) has identified a critical vulnerability affecting Linux systems using OpenSSH's server (SSHD), designated as CVE-2024-6387. This Remote Unauthenticated Code Execution (RCE) flaw stems from a race condition in SSHD's signal handler, allowing attackers to execute code remotely without authentication. The vulnerability, reminiscent of CVE-2006-5051 but reintroduced in OpenSSH 8.5p1 (October 2020), poses severe security risks, potentially leading to system compromises, data breaches, and unauthorized access to sensitive information. Qualys TRU estimates millions of internet-facing servers could be vulnerable.

OpenSSH vulnerability: Affected versions and patch status

The vulnerability impacts OpenSSH versions released prior to 4.4p1, unless specifically patched for CVE-2006-5051 and CVE-2008-4109. Versions from 4.4p1 up to but excluding 8.5p1 are confirmed safe from this exploit. However, systems running versions from 8.5p1 up to but not including 9.8p1 remain vulnerable to potential remote code execution attacks. It's crucial for administrators to promptly apply patches and updates to mitigate the risk of unauthorized access and system compromise.

Safeguard your Linux system: Recommended protection measures

Qualys advises the following measures to safeguard your system:

  • Promptly apply available patches for OpenSSH and maintain system updates.
  • Reduce the risk of attacks by restricting SSH access through network controls.
  • Enhance security by segmenting networks and implementing monitoring tools to detect suspicious activities.

Qualys has successfully developed an exploit for the vulnerability and shared it with the OpenSSH team. However, they have chosen not to publicly release it, as patches are expected to be progressively applied. Qualys believes other independent researchers should be able to replicate their findings.