Severity Level: Critical
Title:
Critical RCE Vulnerability in OpenSSH Linux system
Timestamp:
Tuesday July 2, 2024
Summary:
A Remote Unauthenticated Code Execution (RCE) vulnerability CVE-2024-6387 exists in OpenSSH’s server (sshd) in glibc-based Linux systems, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration.
Recommendations:
upgrade to fixed version at the earliest
References:
For references :
Click here