[BlueOnyx:27074] New OpenSSH vulnerability
Michael Stauber
mstauber at blueonyx.it
Mon Jul 1 11:35:44 -05 2024
Hi all,
Qualys reported a new OpenSSH vulnerability today:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
Affected OpenSSH versions:
==========================
- OpenSSH versions earlier than 4.4p1 are vulnerable to this signal
handler race condition unless they are patched for CVE-2006-5051 and
CVE-2008-4109.
- Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable
due to a transformative patch for CVE-2006-5051, which made a previously
unsafe function secure.
- The vulnerability resurfaces in versions from 8.5p1 up to, but not
including, 9.8p1 due to the accidental removal of a critical component
in a function.
I did a quick check and we seem to be partially affected by this:
Aventurin{e} 6109R: Not affected
BlueOnyx 5209R (EOL): Not affected
BlueOnyx 5210R: Affected
BlueOnyx 5221R: Affected
I can see that RedHat is already working on it:
https://bugzilla.redhat.com/show_bug.cgi?id=2294879
I'd expect that AlmaLinux is also on it, so fixed OpenSSH server RPMs
should be available soon and it is recommended to urgently install them
as soon as they become available.
In the meantime you might want to secure your OpenSSH by either turning
it off via the GUI or by limiting access to it via Firewall rules.
--
With best regards
Michael Stauber
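As an added example (not part of Michael's post or the BlueOnyx code base): a small Python helper that maps an OpenSSH version string, as printed by `ssh -V` or sent in the server's `SSH-2.0-OpenSSH_x.y` banner, onto the affected ranges listed above. Distribution RPMs that backport the fix usually keep the old upstream version number, so a version-string verdict is only a first pass; the vendor's fixed package is the actual evidence.

```python
"""Classify an OpenSSH version string against the affected ranges given in the post."""
import re
import subprocess

# Verdict labels for the four ranges described in the post.
AFFECTED_LEGACY = "vulnerable unless patched for CVE-2006-5051 and CVE-2008-4109"
NOT_VULNERABLE = "not vulnerable"
AFFECTED_REGRESSION = "vulnerable (8.5p1 <= version < 9.8p1)"
FIXED = "fixed (9.8p1 or later)"

# Matches "OpenSSH_8.7", "OpenSSH_9.6p1", "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6", ...
_VERSION_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")


def parse_version(banner: str) -> tuple:
    """Return (major, minor, portable_patch) from an OpenSSH version string.

    Server banners often omit the portable "pN" suffix; every portable release
    is at least p1, so a missing suffix is treated as p1 (assumption for this example).
    """
    m = _VERSION_RE.search(banner)
    if not m:
        raise ValueError(f"not an OpenSSH version string: {banner!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch) if patch else 1)


def classify(banner: str) -> str:
    """Apply the version ranges from the post to one version string."""
    v = parse_version(banner)
    if v < (4, 4, 1):
        return AFFECTED_LEGACY
    if v < (8, 5, 1):
        return NOT_VULNERABLE
    if v < (9, 8, 1):
        return AFFECTED_REGRESSION
    return FIXED


def classify_local_ssh() -> str:
    """Classify the ssh binary on this host; `ssh -V` writes its version to stderr."""
    proc = subprocess.run(["ssh", "-V"], capture_output=True, text=True, check=False)
    return classify(proc.stderr + proc.stdout)


if __name__ == "__main__":
    # Constructed sample strings, one per range in the post.
    for sample in ("OpenSSH_4.3p2", "OpenSSH_8.4p1", "SSH-2.0-OpenSSH_8.7", "OpenSSH_9.8p1"):
        print(f"{sample:28} -> {classify(sample)}")
```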