Hello Linux users, 

The open-source security community has been shaken by the discovery of over 30 vulnerabilities in the widely used Exim mail transfer agent. A critical SMTP flaw enables attackers to exploit SMTP smuggling to inject malicious commands into email content. This could result in unauthorized system access and service disruption, threatening data security and service integrity.

Read on to learn if you are impacted, how to check if your version of Exim is vulnerable, and how to secure your systems against these critical vulnerabilities. You’ll also get updates on other issues affecting your open-source programs and applications that threaten your sensitive data and system security.

If you gained valuable information from reading today’s newsletter, please share it with a fellow security geek. Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!

Stay safe out there,

Brittany Signature 150 Esm W150

Exim

The Discovery 

Recently, over 30 vulnerabilities have been found in the widely used Exim mail transfer agent, including a critical SMTP flaw that enables attackers to exploit SMTP smuggling to inject malicious commands into email content. 

Exim Esm W200

The Impact

These flaws could result in unauthorized system access and service disruption, threatening data security and service integrity.

The Fix

Critical Exim security updates have been released to mitigate these bugs. We strongly recommend that all impacted users update now to secure their data and protect system availability.

Your Related Advisories:

[distro_list_1]

OpenSSH

The Discovery 

Have you updated it to fix the recently discovered OpenSSH RCE bug dubbed "regreSSHion" (CVE-2024-6387)? This vulnerability enables an unauthenticated attacker to gain root-level code execution without authentication, rendering this race condition especially severe given SSH's root-level access capabilities.

OpenSSH Esm W190

The Impact

This issue could compromise an entire system, resulting in malware infections, data breaches, and the creation of backdoors for sustained unauthorized access. 

The Fix

Distros continue to release critical OpenSSH security patch updates to fix this issue. We urge all impacted users to update immediately to secure their systems and data against compromise. 

Your Related Advisories:

[distro_list_2]

PHP

The Discovery 

Threat actors continue to exploit a PHP code execution vulnerability to spread TellYouThePass ransomware. This flaw impacts PHP versions 8.1, before 8.1.29, 8.2, before 8.2.20, and 8.3. before 8.3.8.

PHP Esm W400

The Impact

This vulnerability allows cybercriminals to execute arbitrary PHP code on target systems, putting web applications and servers at risk of ransomware attacks.

The Fix

Essential PHP security advisory updates have been released to mitigate this issue. We strongly encourage all impacted users to update as soon as possible to safeguard their systems and data against ransomware attacks.

Your Related Advisories:

[distro_list_3]