🚨 OpenSSH flaws (CVE-2024-6387)

hadcloud

🚨 OpenSSH flaws (CVE-2024-6387) allows unauthenticated remote code execution on glibc-based Linux systems. 14 million servers at risk.

pfSense CVE-2024-6387

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html

https://www.reddit.com/r/PFSENSE/comments/1dssli8/cve20246387/

OpenBSD:

cd /usr/src/secure/usr.sbin/sshd && make && make install

service sshd restart
FreeBSD:
freebsd-update fetch install
PfSense package:
pfSense update "system_patches":
Confirmation Required to upgrade package pfSense-pkg-System_Patches from 2.2.11_13 to 2.2.11_14.

Debian:
Install 9.8p1 on Debian (Debian, Ubuntu, Mint, ...):

apt-get update
apt-get install build-essential zlib1g-dev libssl-dev libpam0g-dev libselinux1-dev
wget https://github.com/openssh/openssh-portable/archive/refs/tags/V_9_8_P1.tar.gz
tar -xzf V_9_8_P1.tar.gz
cd openssh-portable-V_9_8_P1
./configure
make
make install
mv /usr/sbin/sshd /usr/sbin/sshd.bak
ln -s /usr/local/sbin/sshd /usr/sbin/sshd
systemctl restart sshd

xyzulu

Same as https://community.enhance.com/d/1707-new-openssh-vulnerability-could-lead-to-rce-as-root

SharedGrid

Why are you building from source rather than just upgrading via apt?

You will lose version tracking via apt and not be able to use the package manager to upgrade it anymore.

At this point, all distributions have already released the updated packages via their respective package managers. The only exception may be Red Hat as it's not showing on their Errata list, I don't run RH anymore to actually check.