[BlueOnyx:27075] Re: New OpenSSH vulnerability

Taco Scargo taco at blueonyx.nl
Tue Jul 2 01:24:44 -05 2024


Hi Michael,

As far as I can see Almalinux was already patched:

[root at alma ~]# rpm -qi openssh-server --changelog
Name        : openssh-server
Version     : 8.7p1
Release     : 38.el9.alma.2
Architecture: x86_64
Install Date: Tue 02 Jul 2024 06:03:13 AM CEST
Group       : Unspecified
Size        : 1094809
License     : BSD
Signature   : RSA/SHA256, Mon 01 Jul 2024 08:05:53 PM CEST, Key ID d36cb86cb86b3716
Source RPM  : openssh-8.7p1-38.el9.alma.2.src.rpm
Build Date  : Mon 01 Jul 2024 07:48:41 PM CEST
Build Host  : x64-builder01.almalinux.org
Packager    : AlmaLinux Packaging Team <packager at almalinux.org>
Vendor      : AlmaLinux
URL         : http://www.openssh.com/portable.html
Summary     : An open source SSH server daemon
Description :
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
securely connect to your SSH server.
* Mon Jul 01 2024 Jonathan Wright <jonathan at almalinux.org> - 8.7p1-38.alma.2
- Fix regreSSHion attack
  Resolves: CVE-2024-6387

> On 1 Jul 2024, at 18:35, Michael Stauber via Blueonyx <blueonyx at mail.blueonyx.it> wrote:
> 
> Hi all,
> 
> Qualys reported a new OpenSSH vulnerability today:
> 
> https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
> 
> Affected OpenSSH versions:
> ==========================
> 
> - OpenSSH versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.
> 
> - Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.
> 
> - The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.
> 
> 
> I did a quick check and we seem to be partially affected by this:
> 
> Aventurin{e} 6109R:	Not affected
> BlueOnyx 5209R (EOL): 	Not affected
> BlueOnyx 5210R:		Affected
> BlueOnyx 5221R:		Affected
> 
> I can see that RedHat is already working on it:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=2294879
> 
> I'd expect that AlmaLinux is also on it, so fixed OpenSSH server RPMs should be available soon and it is recommended to urgently install them as soon as they become available.
> 
> In the meantime you might want to secure your OpenSSH by either turning it off via the GUI or by limiting access to it via Firewall rules.
> 
> -- 
> With best regards
> 
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx

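The version ranges quoted from the Qualys advisory above, together with the rpm changelog check in the reply, make a useful inventory check. The following is an added example written for this archive page (not code from the thread, Qualys, AlmaLinux or OpenSSH): it classifies an OpenSSH version string against the three ranges listed in the quoted mail, and then applies the caveat the reply demonstrates, namely that a distribution package such as AlmaLinux's 8.7p1-38.el9.alma.2 carries a backported fix even though the bare upstream version sits inside the affected range, so the package changelog has to be consulted before the box is flagged. The function and variable names are this example's own; the sample changelog lines are copied from the reply above.

```python
"""Classify OpenSSH builds against the regreSSHion (CVE-2024-6387) ranges.

Added example for this list archive; not code from the thread or the
projects mentioned in it.  The three ranges below are exactly the ones
quoted from the Qualys advisory in the mail above.
"""
import re

# Changelog lines as shown in the reply (rpm -qi openssh-server --changelog).
ALMA_CHANGELOG = """\
* Mon Jul 01 2024 Jonathan Wright <jonathan at almalinux.org> - 8.7p1-38.alma.2
- Fix regreSSHion attack
  Resolves: CVE-2024-6387
"""

# A constructed, deliberately empty changelog standing in for a build that
# has not received the backport.
UNPATCHED_CHANGELOG = ""


def parse_openssh_version(text):
    """Return (major, minor, portable_patch) from strings such as '8.7p1',
    'OpenSSH_9.8p1, OpenSSL 3.0.7 ...' (ssh -V output) or the rpm
    Version/Release pair '8.7p1-38.el9.alma.2'.

    A missing pN suffix is treated as p1, since each OpenBSD release X.Y
    corresponds to portable release X.Yp1.
    """
    m = re.search(r"(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError("no OpenSSH version found in %r" % text)
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 1)


def upstream_status(text):
    """Map a version to the status stated in the advisory for upstream code."""
    v = parse_openssh_version(text)
    if v < (4, 4, 1):
        # Older than 4.4p1: vulnerable unless the two earlier CVEs were patched.
        return "vulnerable unless patched for CVE-2006-5051 and CVE-2008-4109"
    if v < (8, 5, 1):
        # 4.4p1 up to, but not including, 8.5p1: the 2006 fix is present.
        return "not vulnerable"
    if v < (9, 8, 1):
        # 8.5p1 up to, but not including, 9.8p1: the regression window.
        return "vulnerable"
    return "fixed"


def package_status(text, changelog):
    """Status of a distribution package: the upstream range result, overridden
    when the package changelog records the CVE-2024-6387 fix (a backport keeps
    the old version number, as the AlmaLinux 8.7p1 build in the reply shows).
    """
    status = upstream_status(text)
    if status == "vulnerable" and "CVE-2024-6387" in changelog:
        return "backported fix present"
    return status


if __name__ == "__main__":
    for label, ver, log in (
        ("AlmaLinux 8.7p1-38.el9.alma.2", "8.7p1-38.el9.alma.2", ALMA_CHANGELOG),
        ("unpatched 8.7p1 build", "8.7p1", UNPATCHED_CHANGELOG),
        ("ssh -V on a fixed host", "OpenSSH_9.8p1, OpenSSL 3.0.7", UNPATCHED_CHANGELOG),
        ("old EL7-era 7.4p1", "7.4p1", UNPATCHED_CHANGELOG),
    ):
        print("%-32s %s" % (label, package_status(ver, log)))
```

Feed it the output of "rpm -q --qf '%{VERSION}-%{RELEASE}' openssh-server" and "rpm -q --changelog openssh-server" on each host; a result of "vulnerable" (rather than "backported fix present") is the case to act on.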