ClickCease Critical OpenSSH Vulnerability (regreSSHion) Gives Root Access

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Critical OpenSSH Vulnerability (regreSSHion) Gives Root Access

by Rohan Timalsina

July 17, 2024 - TuxCare expert team

An unauthenticated remote code execution vulnerability (CVE-2024-6387) was discovered in OpenSSH, a widely used tool for secure remote access. Dubbed “regreSSHion”, this race condition vulnerability allows attackers to take complete control in glibc-based Linux systems. Let’s break down what this means and how to protect yourself.

 

What is the regreSSHion Vulnerability?

 

Qualys researchers identified a critical vulnerability in OpenSSH that lets attackers gain unauthorized root access on a system. This gives them complete control, allowing them to steal data, install malware, or even launch attacks on other vulnerable systems.

The name “regreSSHion” cleverly combines the word “regression” and “SSH” to highlight the vulnerability’s key aspects. It’s a regression bug, meaning a previously fixed flaw (CVE-2006-5051) from 2006 reappeared in newer OpenSSH versions. Also, this RCE bug is the first of its kind in nearly two decades for OpenSSH. It works in the default configuration without any user interaction, making it highly exploitable.

 

How Severe Is This Vulnerability?

 

While the vulnerability itself is serious, successfully exploiting it may require multiple attempts. However, attackers may use automated tools to overcome these hurdles. Patching your system is crucial to prevent such attempts.

 

Affected Versions

Not all OpenSSH versions are vulnerable:

  • Versions before 4.4p1: These are vulnerable unless they have specific patches (CVE-2006-5051 and CVE-2008-4109).
  • Versions 4.4p1 to 8.5p1 (not including 8.5p1): These are safe because of a previous fix (CVE-2006-5051).
  • Versions 8.5p1 to 9.8p1 (not including 9.8p1): These are vulnerable due to an accidental change that brought back the issue.

 

Mitigating The regreSSHion Vulnerability

 

Here’s what you can do to protect yourself:

Update OpenSSH: The most effective solution to address this vulnerability is to update your OpenSSH server to 9.8p1 or later.

Restrict SSH access: Limit access to your SSH server using firewalls and network segmentation. This makes it harder for attackers to reach and exploit the server.

Temporary mitigation (use with caution): If immediate updates are not possible, you can temporarily set the ‘LoginGraceTime’ to 0 in the SSH server configuration. However, this can leave your systems vulnerable to denial-of-service attacks.

 

Conclusion

 

By updating to 9.8p1 or later, you can significantly reduce the risk of being compromised by the regreSSHion vulnerability. Remember, staying up-to-date with security patches is essential for maintaining a secure system.

TuxCare’s AlmaLinux team released updated OpenSSH packages to address this vulnerability within hours of disclosure. TuxCare offers Enterprise Support for AlmaLinux, which includes a 16-year support lifecycle, extended security updates with continuous FIPS compliance, enhanced support, and more.

 

The sources for this article include a story from Qualys.

Summary
Critical OpenSSH Vulnerability (regreSSHion) Gives Root Access
Article Name
Critical OpenSSH Vulnerability (regreSSHion) Gives Root Access
Description
Alert! regreSSHion vulnerability in OpenSSH's server (sshd) grants root access on Linux. Patch now and secure your system!
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Become a TuxCare Guest Writer

Mail

Help Us Understand
the Linux Landscape!

Complete our survey on the state of Open Source and you could win one of several prizes, with the top prize valued at $500!

Your expertise is needed to shape the future of Enterprise Linux!