Posted by z3d in OpSec (edited)

Researchers at the cybersecurity firm Qualys have discovered a critical vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems.

The vulnerability, tracked as CVE-2024-6387 and named regreSSHion, is a signal handler race condition in OpenSSH’s server (sshd).

This race condition allows unauthenticated remote code execution (RCE) with full root privileges, posing a significant security risk.

Further, it affects sshd in its default configuration.
