Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

OpenSSH needs updated to 9.8 mitigate regreSSHion RCE vulnerability CVE-2024-6387

Description

Urgent patching needed on all OpenSSH servers — especially those that are publicly facing. A patch was just released for a remote unauthenticated RCE exploit. https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

Technical details: https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

OpenSSH release notes: https://www.openssh.com/txt/release-9.8

Host ID: ed61f46cb803cee4d4c5d1ecf8d4d5136ae690201a14971a100e8c6040b27d8b

Session ID: 43358505-4a2e-bc9b-1955-8bebb862b8d3

Problem/Justification

None

Impact

None

duplicates

Activity

Show:

Bug Clerk July 1, 2024 at 1:57 PM

This issue has now been closed. Comments made after this point may not be viewed by the TrueNAS Teams. Please open a new issue if you have found a problem or need to re-engage with the TrueNAS Engineering Teams.

Bug Clerk July 1, 2024 at 1:57 PM

Thank you for reporting this issue! This has already been reported (see the "Duplicate" ticket linked above), so this issue is being closed to focus effort in the existing ticket.

Bug Clerk July 1, 2024 at 1:50 PM

Thank you for submitting this TrueNAS Bug Report! So that we can quickly investigate your issue, please attach a Debug file and any other information related to this issue through our secure and private upload service below. Debug files can be generated in the UI by navigating to System -> Advanced -> Save Debug.

https://ixsystems.atlassian.net/servicedesk/customer/portal/15/group/37/create/153

Duplicate
Pinned fields
Click on the next to a field label to start pinning.

Details

Assignee

Reporter

Labels

Components

Fix versions

Affects versions

Priority

More fields

Katalon Platform

Created July 1, 2024 at 1:50 PM
Updated July 1, 2024 at 1:57 PM
Resolved July 1, 2024 at 1:57 PM