Tag: OpenSSH Vulnerability

New OpenSSH Vulnerability Discovered Potential Remote Code Execution Risk
News

New OpenSSH Vulnerability Discovered Potential Remote Code Execution Risk

A recent vulnerability in the OpenSSH secure networking suite can lead to remote code execution (RCE) in specific versions of the program. The vulnerability, listed as CVE-2024-6409 (CVSS score: 7.0), is related to a situation of code execution in the privsep child process because of a race condition in signal handling and is different from CVE-2024-6387 (aka RegreSSHion). It only affects the Red Hat Enterprise Linux 9 versions 8.7p1 and 8.8p1. The problem was discovered and reported by security researcher Alexander Peslyak, also known by the moniker Solar Designer. The bug was discovered during a study of CVE-2024-6387, which was made public by Qualys earlier this month. According to Peslyak, the primary distinction between CVE-2024-6387 and this vulnerability is that the race c...