DEV Community

Cover image for How to easily fix OpenSSH RegreSSHion vulnerability
IndyMan
IndyMan

Posted on

How to easily fix OpenSSH RegreSSHion vulnerability

The regreSSHion vulnerability CVE-2024-6387 is a critical remote unauthenticated code execution (RCE) vulnerability affecting OpenSSH server (sshd) on glibc-based Linux systems. If exploited, this vulnerability can lead to:

  • Complete system takeover
  • Installation of malware
  • Data manipulation and exfiltration
  • Creation of backdoors for persistent access
  • Network propagation to other systems within the organization

Exploiting this vulnerability allows attackers to bypass critical security mechanisms and cause significant damage.

Solution for Ubuntu

Check your Ubuntu version

To check your Ubuntu version, run the following command in your terminal:

lsb_release -a
Enter fullscreen mode Exit fullscreen mode

This command will display information about your Ubuntu distribution, including the release name.

How to fix the vulnerability

To fix the regreSSHion vulnerability on your Ubuntu server, follow these steps:

  1. Update the package list and install available updates:
sudo apt update
sudo apt upgrade
Enter fullscreen mode Exit fullscreen mode
  1. Ensure you are running the latest version of OpenSSH for your release:
sudo apt install --only-upgrade openssh-server
Enter fullscreen mode Exit fullscreen mode

👉 If you like this article, you can follow me on Twitter

Check if the fix is installed

Ensure the version at least matches the patched version for your Ubuntu release:

dpkg -l | grep openssh-server
Enter fullscreen mode Exit fullscreen mode
  • Jammy: 1:8.9p1-3ubuntu0.10
  • Mantic: 1:9.3p1-1ubuntu3.6
  • Noble: 1:9.6p1-3ubuntu13.3

Protect your server with automatic updates

Unattended Upgrades is a package on Ubuntu that allows automatic installation of security updates and critical packages without user intervention. This can help ensure that your system is always up-to-date with the latest security patches, including the fix for vulnerabilities like regreSSHion.

If you had unattended upgrades configured on your Ubuntu system, it would have automatically applied the security update for OpenSSH as soon as it was available, thereby mitigating the vulnerability without requiring manual intervention.

How to Set Up Unattended Upgrades

Follow these steps to set up unattended upgrades on your Ubuntu system:

  1. Install Unattended Upgrades:
sudo apt update
sudo apt install unattended-upgrades
Enter fullscreen mode Exit fullscreen mode
  1. Enable Unattended Upgrades:
sudo dpkg-reconfigure --priority=medium unattended-upgrades
Enter fullscreen mode Exit fullscreen mode

Checking If Unattended Upgrades Is Working

To verify that unattended upgrades are functioning correctly:

  1. Check the Status of the Service:
sudo systemctl status unattended-upgrades
Enter fullscreen mode Exit fullscreen mode
  1. Review the Log Files:

Review the logs to see if updates have been applied:

sudo tail -f /var/log/unattended-upgrades/unattended-upgrades.log
Enter fullscreen mode Exit fullscreen mode

By setting up unattended upgrades, you can ensure that critical security updates, like those for the regreSSHion vulnerability, are applied automatically, enhancing the security of your Ubuntu server without manual intervention.

🎯 Find my next blog articles earlier on https://easyselfhost.dev/blog

Top comments (0)