FreeBSD fixes major OpenSSH flaw with urgent patch release

August 12, 2024

TLDR:

  • FreeBSD has released an urgent security patch for a high-severity OpenSSH vulnerability (CVE-2024-7589) that could allow remote code execution with elevated privileges.
  • Users are advised to update to a supported version of FreeBSD and restart sshd to mitigate potential threats.

Article Summary:

The FreeBSD Project has issued security updates to address a critical flaw in OpenSSH that could be exploited by attackers to run arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, has a CVSS score of 7.4, indicating high severity. The issue arises from a signal handler in sshd(8) that calls a logging function which is not async-signal-safe, allowing unauthenticated remote code execution as root.

OpenSSH is widely used to provide encrypted and authenticated transport for services such as remote shell access. The current vulnerability is related to a previous issue (regreSSHion, CVE-2024-6387) and stems from FreeBSD's integration of blacklistd into OpenSSH. Users are strongly urged to update to a supported version of FreeBSD and restart sshd to address the flaw. Alternatively, setting LoginGraceTime to 0 in /etc/ssh/sshd_config and restarting sshd also mitigates the issue.

The article emphasizes the importance of taking immediate action to secure systems running FreeBSD, as failure to patch the vulnerability could result in unauthorized remote access and potential code execution. Users are reminded to stay vigilant, update their systems, and follow best practices to protect against cyber threats.
