TLDR:
- FreeBSD has released an urgent security patch for a high-severity OpenSSH vulnerability (CVE-2024-7589) that could allow remote code execution with elevated privileges.
- Users are advised to update to a supported version of FreeBSD and restart sshd to mitigate potential threats.
Article Summary:
The FreeBSD Project has issued security updates to address a critical flaw in OpenSSH that attackers could exploit to run arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, has a CVSS score of 7.4, indicating high severity. It arises because a signal handler in sshd(8) calls a logging function that is not async-signal-safe, which can allow unauthenticated remote code execution as root.
OpenSSH is widely used to provide encrypted and authenticated transport for services such as remote shell access. The current vulnerability is linked to a previous issue (regreSSHion, CVE-2024-6387) and stems from the integration of blacklistd into OpenSSH in FreeBSD. Users are strongly urged to update to a supported version of FreeBSD and restart sshd to address the flaw. Alternatively, setting LoginGraceTime to 0 in /etc/ssh/sshd_config and restarting sshd also mitigates the issue.
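The following shell script is an added example, not code from the article or from the FreeBSD Project, showing how an administrator can verify that the LoginGraceTime workaround described above is actually in effect in an sshd_config file. It assumes the documented sshd_config semantics (the keyword is case-insensitive, lines starting with `#` are comments, and when a keyword appears more than once the first value wins) and writes two constructed sample configurations to a temporary directory for demonstration.

```shell
#!/bin/sh
# Added example: check whether the LoginGraceTime 0 workaround is in effect.
# Assumptions: sshd_config keywords are case-insensitive, '#' begins a comment,
# and for a repeated keyword sshd keeps the FIRST value it sees.

# Print the effective LoginGraceTime from the given config file.
# Falls back to sshd's compiled-in default of 120 seconds when the keyword is unset.
# The raw value is echoed as written, so "2m" is reported as "2m", not "120".
effective_login_grace_time() {
    conf="$1"
    val=$(awk '
        /^[[:space:]]*#/ { next }                            # skip comment lines
        tolower($1) == "logingracetime" { print $2; exit }   # first match wins
    ' "$conf")
    if [ -z "$val" ]; then
        echo "120"
    else
        echo "$val"
    fi
}

# Succeed (exit 0) when LoginGraceTime is literally 0, i.e. the workaround
# from the advisory is applied; fail (exit 1) otherwise.
login_grace_workaround_applied() {
    [ "$(effective_login_grace_time "$1")" = "0" ]
}

# Constructed sample configurations (not taken from any real host).
SAMPLE_DIR=$(mktemp -d)

# Weak: the timeout is left at the default, so the unsafe handler can still fire.
cat > "$SAMPLE_DIR/weak.conf" <<'EOF'
# default-like config, timeout left unset
Port 22
PermitRootLogin no
EOF

# Mitigated: the first active LoginGraceTime line sets it to 0; the commented
# line and the later duplicate are both ignored by sshd.
cat > "$SAMPLE_DIR/mitigated.conf" <<'EOF'
#LoginGraceTime 120
logingracetime 0
# the following duplicate is ignored because the first value wins
LoginGraceTime 60
EOF

# Report on each sample; on a live host you would pass /etc/ssh/sshd_config.
for f in "$SAMPLE_DIR/weak.conf" "$SAMPLE_DIR/mitigated.conf"; do
    if login_grace_workaround_applied "$f"; then
        echo "$f: LoginGraceTime 0 (workaround applied)"
    else
        echo "$f: LoginGraceTime $(effective_login_grace_time "$f") (workaround NOT applied)"
    fi
done
```

On a running FreeBSD host, `sshd -T` prints the configuration sshd would actually use (including values from Include files and Match blocks) and is the authoritative check; the parser above is useful for auditing config files at rest. Note that the workaround trades the remote code execution path for a denial-of-service exposure, since unauthenticated connections are never timed out, so it is a stopgap until the patched sshd is installed and restarted.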
The article emphasizes the importance of taking immediate action to secure systems running FreeBSD, as failure to patch the vulnerability could result in unauthorized remote access and potential code execution. Users are reminded to stay vigilant, update their systems, and follow best practices to protect against cyber threats.