The regreSSHion
vulnerability CVE-2024-6387
is a critical remote unauthenticated code execution (RCE) vulnerability affecting OpenSSH server (sshd) on glibc-based Linux systems. If exploited, this vulnerability can lead to:
- Complete system takeover
- Installation of malware
- Data manipulation and exfiltration
- Creation of backdoors for persistent access
- Network propagation to other systems within the organization
Exploiting this vulnerability allows attackers to bypass critical security mechanisms and cause significant damage.
Solution for Ubuntu
Check your Ubuntu version
To check your Ubuntu version, run the following command in your terminal:
lsb_release -a
This command will display information about your Ubuntu distribution, including the release name.
How to fix the vulnerability
To fix the regreSSHion
vulnerability on your Ubuntu server, follow these steps:
- Update the package list and install available updates:
sudo apt update
sudo apt upgrade
- Ensure you are running the latest version of OpenSSH for your release:
sudo apt install --only-upgrade openssh-server
👉 If you like this article, you can follow me on Twitter
Check if the fix is installed
Ensure the version at least matches the patched version for your Ubuntu release:
dpkg -l | grep openssh-server
- Jammy:
1:8.9p1-3ubuntu0.10
- Mantic:
1:9.3p1-1ubuntu3.6
- Noble:
1:9.6p1-3ubuntu13.3
Protect your server with automatic updates
Unattended Upgrades is a package on Ubuntu that allows automatic installation of security updates and critical packages without user intervention. This can help ensure that your system is always up-to-date with the latest security patches, including the fix for vulnerabilities like regreSSHion
.
If you had unattended upgrades configured on your Ubuntu system, it would have automatically applied the security update for OpenSSH as soon as it was available, thereby mitigating the vulnerability without requiring manual intervention.
How to Set Up Unattended Upgrades
Follow these steps to set up unattended upgrades on your Ubuntu system:
- Install Unattended Upgrades:
sudo apt update
sudo apt install unattended-upgrades
- Enable Unattended Upgrades:
sudo dpkg-reconfigure --priority=medium unattended-upgrades
Checking If Unattended Upgrades Is Working
To verify that unattended upgrades are functioning correctly:
- Check the Status of the Service:
sudo systemctl status unattended-upgrades
- Review the Log Files:
Review the logs to see if updates have been applied:
sudo tail -f /var/log/unattended-upgrades/unattended-upgrades.log
By setting up unattended upgrades, you can ensure that critical security updates, like those for the regreSSHion
vulnerability, are applied automatically, enhancing the security of your Ubuntu server without manual intervention.
🎯 Find my next blog articles earlier on https://easyselfhost.dev/blog
Top comments (0)