devxlogo

Critical flaw in OpenSSH threatens Linux servers

Critical flaw in OpenSSH threatens Linux servers

OpenSSH Threat

Researchers at the Qualys Threat Research Unit have discovered a critical security flaw in OpenSSH’s server in glibc-based Linux systems. The vulnerability, named “regreSSHion,” is a re-emergence of a bug that was previously patched in 2006. According to Qualys, more than 14 million internet-facing servers are vulnerable.

The flaw could allow attackers to gain unauthorized access to affected systems, putting a large number of Linux environments at risk. “We urge all users to apply the necessary patches as soon as possible,” said a spokesperson from Qualys. “The implications of leaving this vulnerability unaddressed could be severe.”

The vulnerability exploits weaknesses in two key components of the OpenSSH server, though detailed technical specifics were not disclosed to prevent further exploitation.

The discovery comes shortly after another exposure affecting OpenSSH was patched last October, highlighting ongoing security challenges within this domain. Security researchers continue to work to identify and patch such flaws to maintain the integrity of open-source software. Qualys recommends that users implement the patches available for their respective Linux distributions without delay.

See also  Norway wealth fund opposes Musk's $56 billion package

The threat posed by “regreSSHion” is significant, and swift action is essential to safeguard systems against potential attacks. For more detailed information on how to update your systems and protect against this vulnerability, consult the security advisories published by your Linux distribution’s security team. The vulnerability affects the following OpenSSH versions:

Versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.

Critical update for OpenSSH security

Versions from 4.4p1 up to, but not including, 8.5p1, are not vulnerable due to a patch for CVE-2006-5051, which made a previously unsafe function secure. The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.

Anyone running a vulnerable version should update as soon as practicable. A patch is now available. Many, but not all, Linux distributions have made it available.

If you can get it, install it as soon as possible. If you can’t install a patch for some reason, consider protecting yourself against the regreSSHion vulnerability by setting `LoginGraceTime` to 0 in the `sshd_config` file. This setting is not a perfect solution; while it will prevent exploits, it exposes your systems to potential denial-of-service attacks.

Make sure to restrict SSH access to your server using network-based controls to limit potential attack vectors. Configure your firewall to detect and block the large number of connections needed to exploit this vulnerability. Keep an eye out for the OpenSSH patches.

When they do become available, apply them as soon as possible. You can significantly reduce your exposure to the regreSSHion security hole by implementing these measures.

See also  Vandalism cuts Spectrum internet in Shasta County
devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist