1. Forum
  2. tqwNet
  3. TQW LINUX

  • Another OpenSSH remote code execution vulnerability

    From LWN.net@1337:1/100 to All on Tue Jul 9 14:45:05 2024
    Another OpenSSH remote code execution vulnerability

    Date:
    Tue, 09 Jul 2024 13:36:19 +0000

    Description:
    Alexander "Solar Designer" Peslyak has disclosed another OpenSSH
    vulnerability that can be exploited for remote code execution, but only
    on distributions that have applied a patch to add auditing support. Specifically, RHEL9 and derivatives are affected, as are
    Fedora36 and37 (but not later releases). The main difference from CVE-2024-6387 is that the race condition
    and RCE potential are triggered in the privsep child process, which
    runs with reduced privileges compared to the parent server process.
    So immediate impact is lower. However, there may be differences in
    exploitability of these vulnerabilities in a particular scenario,
    which could make either one of these a more attractive choice for
    an attacker, and if only one of these is fixed or mitigated then
    the other becomes more relevant.

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/981287/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)