Updated on 2024-11-11 GMT+08:00

Notice of OpenSSH Remote Code Execution Vulnerability (CVE-2024-6387)

OpenSSH is a secure network communication tool based on the SSH protocol. It encrypts all traffic to prevent eavesdropping, connection hijacking, and similar attacks. In addition, OpenSSH provides a wide range of secure tunneling capabilities, multiple authentication methods, and detailed configuration options. It is an essential tool for remote server management and secure data communication.

Description

Table 1 Vulnerability details

Type                 | CVE-ID        | Severity | Discovered
Privilege escalation | CVE-2024-6387 | Critical | 2024-07-01

Impact

This vulnerability is caused by a signal handler race condition in OpenSSH's server (sshd). An unauthenticated attacker can exploit this vulnerability to execute arbitrary code as root on Linux.

Identification Method

  • Check the OS and OpenSSH versions of a node:
    • If the OS of a cluster node is EulerOS or CentOS, OpenSSH on that node is not affected by this vulnerability.
  • Run the following command to check whether the SSH port is in use:
    netstat -tlnp|grep -w 22

    If the query result shows that the SSH port is listening, SSH access is enabled on the node.
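The port check above, as an added example that is not part of this notice: instead of grepping for the bare token 22 (which also matches an address octet such as 10.0.22.5 or a process ID), the function below inspects the Local Address column of `netstat -tlnp` output. The sample output is constructed.

```shell
#!/bin/sh
# Added example (not part of the Huawei Cloud notice): decide from `netstat -tlnp`
# output whether a TCP listener is bound to the SSH port by checking the
# Local Address column (field 4) rather than grepping for the token 22.

# Constructed sample output. Line 4 is a false positive for `grep -w 22`:
# the address 10.0.22.5 contains the token 22, but the listener is on 8080.
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 10.0.22.5:8080          0.0.0.0:*               LISTEN      1044/java
tcp6       0      0 :::2222                 :::*                    LISTEN      990/sshd'

# ssh_listener_count NETSTAT_OUTPUT [PORT]
# Prints how many TCP listeners have a local address ending in :PORT (default 22).
ssh_listener_count() {
    port="${2:-22}"
    printf '%s\n' "$1" | awk -v p="$port" \
        '$1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ (":" p "$") { n++ } END { print n + 0 }'
}

# ssh_port_in_use NETSTAT_OUTPUT [PORT]
# Exit status 0 if at least one listener is bound to PORT, 1 otherwise.
ssh_port_in_use() {
    [ "$(ssh_listener_count "$1" "${2:-22}")" -gt 0 ]
}

# naive_grep_count NETSTAT_OUTPUT
# Number of lines the notice's `grep -w 22` would flag, for comparison.
naive_grep_count() {
    printf '%s\n' "$1" | grep -wc 22
}
```

On a live node, replace `SAMPLE_NETSTAT` with `$(netstat -tlnp 2>/dev/null)`; the awk filter also works unchanged on the output of `ss -tlnp`, whose local address is likewise the fourth column only if the header layout matches, so verify the column first.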