The open source world is in turmoil due to a recently discovered vulnerability in OpenSSH. Millions of server instances could be at risk.
Cybersecurity company Qualys has discovered the CVE-2024-6387 vulnerability in OpenSSH and does not hesitate to call it “extremely dangerous”. OpenSSH is the open source implementation of the SSH (Secure Shell) protocol, used to encrypt remote logins and other traffic between machines on a network. Its server component, sshd, is standard on nearly every Unix-like system, which is why the vulnerability is such a cause for concern.
The vulnerability is a race condition in a signal handler of sshd. If a client does not authenticate within the LoginGraceTime window (120 seconds by default), a SIGALRM handler runs asynchronously and calls functions, such as syslog(), that are not safe to call from a signal handler. By carefully timing its packets, an attacker can make the alarm fire while sshd is in the middle of a heap operation, corrupting the heap. The exploit is very complex and needs thousands of attempts over several hours, but if it succeeds the attacker obtains unauthenticated remote code execution as root, because sshd runs with root privileges.
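The following is an added example, not code from OpenSSH or from Qualys, showing the bug class in the abstract: a SIGALRM handler that calls syslog() and exit(), neither of which is async-signal-safe, next to the hardened form in which the handler only sets a sig_atomic_t flag (the 9.8p1 fix takes the same approach of calling nothing unsafe from the handler, using _exit() to terminate) and the logging is done afterwards from normal context. The function names, the use of a flag instead of _exit(), and the simulated timeout via raise() are choices made for this example so it can be run and inspected.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

/* Shape of the regressed code: the login-grace alarm handler logs and exits.
 * syslog() may call malloc(), and exit() runs atexit handlers; neither is
 * async-signal-safe. If SIGALRM lands while the interrupted code is inside
 * malloc()/free(), the handler re-enters the allocator on a half-updated
 * heap. Shown for contrast only; it is never installed below. */
static void unsafe_grace_alarm_handler(int sig)
{
    (void)sig;
    syslog(LOG_INFO, "Timeout before authentication"); /* NOT async-signal-safe */
    exit(1);                                            /* NOT async-signal-safe */
}

/* Hardened form: the handler touches nothing but a sig_atomic_t flag.
 * A handler that must terminate the process immediately would call
 * _exit() here instead, which is async-signal-safe. */
static volatile sig_atomic_t login_grace_expired = 0;

static void safe_grace_alarm_handler(int sig)
{
    (void)sig;
    login_grace_expired = 1;
}

/* Install a SIGALRM handler with sigaction(); returns 0 on success. */
int install_grace_alarm_handler(void (*handler)(int))
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0; /* no SA_RESTART: blocking calls return EINTR so the loop sees the flag */
    return sigaction(SIGALRM, &sa, NULL);
}

/* Main-loop side: logging happens here, in normal (non-signal) context,
 * where calling syslog() and freeing memory are fine. Returns 1 if the
 * grace period had expired and was logged, 0 otherwise. */
int handle_grace_expiry(void)
{
    if (!login_grace_expired)
        return 0;
    syslog(LOG_INFO, "Timeout before authentication");
    return 1;
}

/* Stand-in for alarm(LoginGraceTime) firing: deliver SIGALRM synchronously
 * with raise() so the example is deterministic. Returns the result of
 * handle_grace_expiry() (expected 1), or -1 if the handler could not be installed. */
int simulate_grace_timeout(void)
{
    login_grace_expired = 0;
    if (install_grace_alarm_handler(safe_grace_alarm_handler) != 0)
        return -1;
    raise(SIGALRM);
    return handle_grace_expiry();
}

int main(void)
{
    (void)unsafe_grace_alarm_handler; /* referenced only so the contrast compiles */
    return simulate_grace_timeout() == 1 ? 0 : 1;
}
```

The point of the hardened version is that the handler never runs code that depends on global state the interrupted code may have been half-way through updating; whatever needs the heap or the logger is deferred to the main loop, which reads the flag.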
Ghost from the past
Notably, CVE-2024-6387 is the ghost of a vulnerability found in OpenSSH in 2006 (CVE-2006-5051). It is the result of a regression, which is why Qualys creatively nicknamed it “regreSSHion”.
A regression means that a bug reappears in a software release after it had been fixed. This is usually caused by a later change or update that inadvertently reintroduces the problem, as happened here with OpenSSH.
Patch now
Versions from 4.4p1 up to and including 8.4p1 are not affected, because they carry the fix for the 2006 vulnerability; versions older than 4.4p1 are only safe if they were patched for the 2006 bug (and for the related 2008 one, CVE-2008-4109). The regression affects versions 8.5p1 up to, but not including, 9.8p1: a change in October 2020 accidentally removed the preprocessor guard that had kept the alarm handler from calling unsafe logging code. Qualys demonstrated exploitation on 32-bit Linux systems using glibc; 64-bit systems are believed to be exploitable too, even though no working exploit for them has been shown.
Patches are now available and, as always, the advice is to install them as quickly as possible. Version 9.8p1 contains the fix. Where updating is not possible right away, Qualys recommends setting LoginGraceTime to 0 in sshd_config: this disables the timeout that invokes the vulnerable handler and so removes the code execution risk, at the cost of leaving sshd open to connection exhaustion (a denial of service) by unauthenticated clients. OpenSSH users otherwise seem to have good update hygiene: only 0.14 percent of installations are running a version of the program that is no longer supported.
However, even with patches available, security researchers expect the clean-up to take a long time. Because OpenSSH is so widespread on Linux servers, this vulnerability will not be fixed in a day. Qualys counts roughly 700,000 vulnerable internet-facing instances among its own customer base, and internet-wide scans put the number of potentially affected OpenSSH instances at up to fourteen million.
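To check which of the ranges above a host falls into, here is an added example, not a Qualys or OpenSSH tool, that parses the version out of the SSH identification banner a server sends (the first line returned by connecting to port 22) and classifies it by those ranges. The sample banners and the status names are constructed for this example. Two caveats a practitioner needs: a banner without a pN suffix is the OpenBSD-native release rather than the portable one these ranges describe, so it is reported separately; and distributions frequently backport the fix without changing the version in the banner, so a hit on a Debian, Ubuntu or Red Hat package must be confirmed against the package changelog before it is reported as vulnerable.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Ranges for portable OpenSSH (Linux and other non-OpenBSD builds). */
enum ssh_status {
    NOT_OPENSSH,          /* some other server, e.g. dropbear */
    NOT_PORTABLE,         /* "OpenSSH_9.7" without pN: OpenBSD-native build, not covered here */
    OLD_NEEDS_2006_PATCH, /* < 4.4p1: safe only with the CVE-2006-5051 / CVE-2008-4109 fixes */
    NOT_VULNERABLE,       /* 4.4p1 .. 8.4p1 */
    VULNERABLE,           /* 8.5p1 .. 9.7p1: the regression */
    FIXED                 /* >= 9.8p1 */
};

/* Parse "...OpenSSH_M.N[pP]..." into major/minor/portable. Returns 1 on success. */
int parse_openssh_banner(const char *banner, int *major, int *minor, int *portable)
{
    const char *p = strstr(banner, "OpenSSH_");
    int consumed = 0;
    if (p == NULL)
        return 0;
    p += strlen("OpenSSH_");
    if (sscanf(p, "%d.%d%n", major, minor, &consumed) != 2)
        return 0;
    p += consumed;
    *portable = 0;
    if (*p == 'p' && sscanf(p + 1, "%d", portable) != 1)
        return 0;
    return 1;
}

/* Three-way comparison of two (major, minor, portable) triples. */
static int version_cmp(int a1, int a2, int a3, int b1, int b2, int b3)
{
    if (a1 != b1) return a1 < b1 ? -1 : 1;
    if (a2 != b2) return a2 < b2 ? -1 : 1;
    if (a3 != b3) return a3 < b3 ? -1 : 1;
    return 0;
}

enum ssh_status classify_banner(const char *banner)
{
    int major, minor, portable;
    if (!parse_openssh_banner(banner, &major, &minor, &portable))
        return NOT_OPENSSH;
    if (portable == 0)
        return NOT_PORTABLE;
    if (version_cmp(major, minor, portable, 4, 4, 1) < 0)
        return OLD_NEEDS_2006_PATCH;
    if (version_cmp(major, minor, portable, 8, 5, 1) < 0)
        return NOT_VULNERABLE;
    if (version_cmp(major, minor, portable, 9, 8, 1) < 0)
        return VULNERABLE;
    return FIXED;
}

/* 1 if anything follows the version (e.g. "Debian-2+deb12u3"), which signals
 * a distribution package whose backported fixes the banner does not reflect. */
int banner_has_distro_suffix(const char *banner)
{
    const char *p = strstr(banner, "OpenSSH_");
    if (p == NULL)
        return 0;
    p += strlen("OpenSSH_");
    while (*p && (isdigit((unsigned char)*p) || *p == '.' || *p == 'p'))
        p++;
    while (*p == ' ' || *p == '\t')
        p++;
    return *p != '\0' && *p != '\r' && *p != '\n';
}

int main(void)
{
    /* Constructed sample banners, not captured from real hosts. */
    const char *samples[] = {
        "SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3",
        "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3",
        "SSH-2.0-OpenSSH_9.8p1",
        "SSH-2.0-OpenSSH_4.3p2",
        "SSH-2.0-OpenSSH_9.7",
        "SSH-2.0-dropbear_2020.81",
    };
    static const char *names[] = { "not-openssh", "not-portable", "old-needs-2006-patch",
                                   "not-vulnerable", "vulnerable", "fixed" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-40s %s%s\n", samples[i], names[classify_banner(samples[i])],
               banner_has_distro_suffix(samples[i]) ? " (distro package: check backports)" : "");
    return 0;
}
```

A banner check like this is a triage aid for a fleet, not proof of vulnerability: the authoritative answer for a given host is the installed package version and its changelog, and the mitigation of setting LoginGraceTime to 0 is invisible in the banner as well.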