New OpenSSH Vulnerability Discovered Potential Remote Code Execution Risk

A recent vulnerability in the OpenSSH secure networking suite can lead to remote code execution (RCE) in specific versions of the program.

The vulnerability, listed as CVE-2024-6409 (CVSS score: 7.0), is related to a situation of code execution in the privsep child process because of a race condition in signal handling and is different from CVE-2024-6387 (aka RegreSSHion). It only affects the Red Hat Enterprise Linux 9 versions 8.7p1 and 8.8p1.

The problem was discovered and reported by security researcher Alexander Peslyak, also known by the moniker Solar Designer. The bug was discovered during a study of CVE-2024-6387, which was made public by Qualys earlier this month.

According to Peslyak, the primary distinction between CVE-2024-6387 and this vulnerability is that the race condition and RCE possibilities occur in the privsep child process read more about New OpenSSH Vulnerability Discovered Potential Remote Code Execution Risk.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *