This vulnerability is caused by a signal handler race condition in the OpenSSH service (sshd). An unauthenticated attacker can exploit this vulnerability to execute arbitrary code with root privileges on Linux systems.
A proof-of-concept (POC) for this vulnerability has been publicly released. The vulnerability is highly dangerous and has a wide impact. Users are urged to update their OpenSSH package to a non-vulnerable version as soon as possible and take protective measures.
===
Vulnerability Number: CVE-2024-6387
Affected Versions: 8.5p1 <= OpenSSH < 9.8p1
Official Patch: https://www.openssh.com/releasenotes.html
===
Debian & Ubuntu Distribution Security Updates and Announcements
Debian: https://security-tracker.debian.org/tracker/CVE-2024-6387
Ubuntu: https://ubuntu.com/security/CVE-2024-6387
===
Check Script
https://github.com/tw-yuan/CVE-2024-6387_Check
===
This vulnerability primarily affects Debian systems. Users can verify and update their systems using the following steps to ensure they are using a patched version of the software.
First, use sshd -v command to check the current OpenSSH version.
If the output is OpenSSH_9.2p1 Debian-2+deb12u3 or Debian-5+deb11u3 (note that the end is u3), then you are using a patched version.
If it is u2 or another affected version, please follow the steps below to update the software version to fix the vulnerability.
First, check if the following package update source is in /etc/apt/sources.list. If it is not, add it.
deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
Once you have it, enter apt update && apt install --only-upgrade openssh-client openssh-server openssh-sftp-server -y to update the system packages.
Finally, use sshd -v again to confirm that you are using a patched version.
Users can verify and update their systems using the following steps to ensure they are using a patched version of the software.
First, use sshd -v command to check the current OpenSSH version.
If the output is in fellow list, then you are using a patched version.
No vulnerable versions:
If it is another affected version, please follow the steps below to update the software version to fix the vulnerability.
Enter apt update && apt install --only-upgrade openssh-client openssh-server openssh-sftp-server -y to update the system packages.
Then use sshd -v again to confirm that you are using a patched version.
* Users of other Linux distributions should consult their distribution's documentation for instructions on how to update their OpenSSH packages.
* It is important to note that even after updating OpenSSH, it is still important to follow good security practices, such as using strong passwords and enabling two-factor authentication.