Date:
Subject: Critical Security Vulnerability in OpenSSH - Update Required
To: All HS3 Users
Summary of Issue
A critical vulnerability was identified in OpenSSH, affecting sshd(8) and potentially allowing arbitrary code execution with root privileges. This vulnerability, identified as CVE-2024-6387, has been addressed in the Debian system. We urge all users to update their machines immediately to mitigate any risk.
Affected Systems
Portable OpenSSH versions 8.5p1 through 9.7p1 (inclusive)
Debian GNU/Linux systems prior to the latest security patch.
Details
The vulnerability results from a race condition in sshd(8) and poses a serious security risk, particularly for 32-bit Linux/glibc systems. Successful exploitation under specific conditions could allow attackers to gain root privileges. The issue has been resolved in the latest Debian security update, and it is essential that all affected systems are updated to ensure continued security.
Action Required
Check OpenSSH Version
SSH into you machine and check the version number by running the following command:
ssh -V
Compare your version with the list of vulnerable releases above. If your version is the vulnerable version or not one of the fixed versions, update your machine using one of the methods below:
Web-Console Update Manager
On the web-console for the HS3, under the “Machine” tab, there is an update manager. Use the refresh button to check for updates and update the system packages if available.
This is the easiest method to fully updating the operating system and it’s associated packages.
System Update:
SSH into you machine and update your system by running the following commands:
sudo apt update sudo apt upgrade
Verify Update:
After updating, confirm that your OpenSSH version is no longer vulnerable by checking the installed version:
ssh -V
Support:
If you encounter any issues during the update process or have any questions, please contact our support team at support@pantheondesign.ca.
Thank You
We thank you for your prompt attention to this critical security issue and your continued trust in Pantheon Design. By keeping your systems updated, you help us ensure a secure and reliable environment for all users.