Another OpenSSH remote code execution vulnerability

by
corbet
from LWN.net on (#6P31A)
Alexander "Solar Designer" Peslyak has disclosed another OpenSSHvulnerability that can be exploited for remote code execution, but onlyon distributions that have applied a patch to add auditing support.Specifically, RHEL9 and derivatives are affected, as areFedora36 and37 (but not later releases).

The main difference from CVE-2024-6387 is that the race conditionand RCE potential are triggered in the privsep child process, whichruns with reduced privileges compared to the parent server process.So immediate impact is lower. However, there may be differences inexploitability of these vulnerabilities in a particular scenario,which could make either one of these a more attractive choice foran attacker, and if only one of these is fixed or mitigated thenthe other becomes more relevant.
External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments