Pantheon Service Bulletin 001
Date: Aug 22, 2024
Subject: Critical Security Vulnerability in OpenSSH - Update Required
To: All HS3 Users
Summary of Issue
A critical vulnerability was identified in OpenSSH, affecting sshd(8) and potentially allowing arbitrary code execution with root privileges. This vulnerability, identified as CVE-2024-6387, has been addressed in the Debian system. We urge all users to update their machines immediately to mitigate any risk.
Affected Systems
Portable OpenSSH versions 8.5p1 through 9.7p1 (inclusive)
Debian GNU/Linux systems prior to the latest security patch.
Details
The vulnerability results from a race condition in sshd(8) and poses a serious security risk, particularly for 32-bit Linux/glibc systems. Successful exploitation under specific conditions could allow attackers to gain root privileges. The issue has been resolved in the latest Debian security update, and it is essential that all affected systems are updated to ensure continued security.
Action Required
Check OpenSSH Version
SSH into your machine and check the version number by running the following command:
ssh -V
Compare your version with the list of vulnerable releases above. If your version is one of the vulnerable versions, or is not one of the fixed versions, update your machine using one of the methods below:
Web-Console Update Manager
On the web-console for the HS3, under the “Machine” tab, there is an update manager. Use the refresh button to check for updates and update the system packages if available.
This is the easiest method for fully updating the operating system and its associated packages.
System Update:
SSH into your machine and update your system by running the following commands:
sudo apt update
sudo apt upgrade
Verify Update:
After updating, confirm that your OpenSSH version is no longer vulnerable by checking the installed version:
ssh -V
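The version comparison described above can be scripted. The following is an added example, not part of the original bulletin or Pantheon's tooling; the function names and the "--local" switch are assumptions made for illustration. Debian backports security fixes without changing the upstream version number, so the script also prints the installed openssh-server package revision, which is the value that changes after the update.

```shell
#!/bin/sh
# Added example: checks an `ssh -V` banner against the upstream range
# listed in this bulletin (8.5p1 through 9.7p1, inclusive).

# Print "MAJOR MINOR" from a banner such as this constructed sample:
#   OpenSSH_9.2p1 Debian-2+deb12u2, OpenSSL 3.0.13 30 Jan 2024
openssh_upstream_version() {
    printf '%s\n' "$1" |
        sed -n 's/^OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p'
}

# Return 0 if the upstream version is inside the bulletin's range,
# 1 if it is outside, 2 if the banner could not be parsed.
openssh_in_bulletin_range() {
    # Word splitting is intended: the helper prints two numbers or nothing.
    set -- $(openssh_upstream_version "$1")
    [ $# -eq 2 ] || return 2
    # Encode as one integer so the comparison is numeric (9.10 > 9.7).
    v=$(( $1 * 1000 + $2 ))
    [ "$v" -ge 8005 ] && [ "$v" -le 9007 ]
}

# Check this machine only when invoked with "--local" (assumed switch).
if [ "${1:-}" = "--local" ]; then
    banner=$(ssh -V 2>&1)          # ssh -V writes its banner to stderr
    echo "Banner: $banner"
    rc=0
    openssh_in_bulletin_range "$banner" || rc=$?
    case $rc in
        0) echo "Upstream version is inside 8.5p1-9.7p1." ;;
        1) echo "Upstream version is outside 8.5p1-9.7p1." ;;
        *) echo "Could not parse the banner." ;;
    esac
    # On Debian the package revision shows whether the security update
    # is installed, even when the upstream version above is unchanged.
    if command -v dpkg-query >/dev/null 2>&1; then
        printf 'openssh-server package: '
        dpkg-query -W -f='${Version}\n' openssh-server 2>/dev/null ||
            echo "not installed"
    fi
fi
```

Run it with "--local" before and after updating; the package revision line should change even if the upstream version in the banner does not.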
Support:
If you encounter any issues during the update process, have any questions, or would like to work with us to perform the update, please contact our support team at support@pantheondesign.ca.
Thank You
We thank you for your prompt attention to this critical security issue and your continued trust in Pantheon Design. By keeping your systems updated, you help us ensure a secure and reliable environment for all users.
www.pantheondesign.com