Alerts This Week
Warning Icon 1 1,295
Alerts This Week
Warning Icon 1 1,295

Ubuntu 24.04 LTS USN-6860-1 Critical: OpenSSL Security Flaw

ubuntu
Calendar Grey July 1, 2024
Dist Ubuntu Esm H88
An OpenSSH patch addresses a critical flaw allowing unauthorized remote control. Ubuntu users should implement this fix immediately.
OpenSSH could be made to bypass authentication and remotely access systems without proper credentials.

Summary

OpenSSH could be made to bypass authentication and remotely

access systems without proper credentials.

Software Description:

- openssh: secure shell (SSH) for secure access to remote machines

Details:

It was discovered that OpenSSH incorrectly handled signal management. A

remote attacker could use this issue to bypass authentication and remotely

access systems without proper credentials.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  openssh-client                  1:9.6p1-3ubuntu13.3
  openssh-server                  1:9.6p1-3ubuntu13.3

Ubuntu 23.10
  openssh-client                  1:9.3p1-1ubuntu3.6
  openssh-server                  1:9.3p1-1ubuntu3.6

Ubuntu 22.04 LTS
  openssh-client                  1:8.9p1-3ubuntu0.10
  openssh-server                  1:8.9p1-3ubuntu0.10

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6859-1

CVE-2024-6387

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6859-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here