A new critical security vulnerability CVE-2024-6387, code-named as regreSSHion has been discovered affecting many Linux systems, including many in the European Weather Cloud. This vulnerability may allow unauthenticated remote code execution in OpenSSH’s server with full root access.
It is very important you check whether your instances in the European Weather Cloud are affected and if so take any remedial actions required:
| Operating System | Affected | Action Required |
|---|---|---|
| Ubuntu 22.04 | Yes | Although the update should have been applied automatically, make sure your system is completely up to date with: sudo apt update && sudo apt upgrade You may check the version of OpenSSH with: $ dpkg -l openssh-server Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-==============-===================-============-================================================================= ii openssh-server 1:8.9p1-3ubuntu0.10 amd64 secure shell (SSH) server, for secure access from remote machines It must be 8.9p1-3ubuntu0.10 or above. |
| Rocky 9.X | Yes | No patched version has been released. Follow the instructions on https://rockylinux.org/news/2024-07-01-rocky-linux-9-cve-2024-6378-regression for mitigation strategies. |
| Rocky 8.X | No | None |