Skip Navigation

Remote View

Technology @lemmy.ml

tmpod @lemmy.pt

8mo ago

OpenSSH: race condition in sshd allows remote code execution

stackdiary.com OpenSSH: race condition in sshd allows remote code execution

A severe vulnerability in OpenSSH, dubbed "regreSSHion" (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

A severe vulnerability in OpenSSH, dubbed "regreSSHion" (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

Linux @lemmy.ml

tmpod @lemmy.pt

8mo ago

OpenSSH: race condition in sshd allows remote code execution

stackdiary.com /openssh-race-condition-in-sshd-allows-remote-code-execution/

237 26

9 comments

I always use my ssh server for remote code execution.
- technically the truth!

Last I read about it it required connecting for 6-7 hours continuously on 32bit systems, and it's unknown how long it would take on 64bit.
- Yeah, exactly. Very impracticable.
  
  But, eventually exploitable is still a pretty major concern for anybody who has systems running longer than a few days at a time.
  
  Reminds me of the node-ip guy making thn repo read only because of amateur researchers filling up cve s

musl isn't vulnerable, as per https://fosstodon.org/@musl/112711796005712271

9 comments