regreSSHion Vulnerability in OpenSSH: Impact on Ubuntu and Solutions

by Ivan Revelli
in Posts, Sistemi
on July 5, 2024

The vulnerability named “regreSSHion” (CVE-2024-6387) affects the OpenSSH daemon (sshd) from versions 8.5p1 to 9.8p1. Discovered and reported by Qualys, this flaw allows unauthenticated remote code execution by exploiting an insecure asynchronous function called when LoginGraceTime expires.

Affected Ubuntu Versions

Ubuntu 22.04 LTS
Ubuntu 23.10
Ubuntu 24.04 LTS

Previous versions are not impacted.

Resolution

Update the openssh-server package to fix the vulnerability:

sudo apt update && sudo apt install openssh-server

1	sudo apt update && sudo apt install openssh-server

Ubuntu Pro users can use:

sudo pro fix CVE-2024-6387

1	sudo pro fix CVE-2024-6387

Temporary Mitigation

Set LoginGraceTime to 0, although this may expose to DoS attacks:

echo "LoginGraceTime 0" | sudo tee /etc/ssh/sshd_config.d/cve-2024-6387.conf
sudo systemctl reload ssh.service

1 2	echo "LoginGraceTime 0" \| sudo tee /etc/ssh/sshd_config.d/cve-2024-6387.conf sudo systemctl reload ssh.service

Conclusion

It is crucial to update immediately to protect servers from potential attacks. For more details, visit the original articles:

These updates enhance overall security, highlighting the importance of proactive vulnerability management.

Otherwise you can upgrade moanually your ssh-server following this post: https://synaptica.info/2024/07/05/upgrade-openssh-server-on-your-ubuntu-distro-manually-tested-on-22-04-lts/

regreSSHion Vulnerability in OpenSSH: Impact on Ubuntu and Solutions