cross-posted from: https://lemmy.pt/post/5733711

A severe vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

    • Telorand@reddthat.com · 12 upvotes · 3 months ago

      They could get RasPis below 4th gen running outdated software, I guess. I think I read elsewhere that Debian already had a patch out some time ago, so that number is also likely diminishingly small.

      • d_k_bo@feddit.org · 4 upvotes · 3 months ago

        I have no idea when I last updated my RasPi 0s (none of which is exposed to the public).

        • oKtosiTe@lemmy.world · 2 upvotes · 3 months ago

          Most images and distros are just Raspbian at their core and as such are pretty easy to upgrade.

          I upgraded my homebridge/pihole from Bullseye to Bookworm just a few days ago and it went off without a hitch.

  • dino@discuss.tchncs.de · 8 upvotes · 3 months ago

    Question: if I update my server and it has the new SSH (patched) package, is that enough, or do I have to restart the server as well? How can I check if the old SSH is currently in use?

    • Skull giver@popplesburger.hilciferous.nl · 7 upvotes · 3 months ago

      Restart your ssh server to be sure (probably sudo systemctl restart sshd). No need to reboot your server for this.

      I don’t know how reliable this is, but I usually go into htop to check if stuff needs to be restarted. Processes in red have been replaced or removed since starting.

      That said, regular server reboots are a good idea to make sure kernel patches are applied. Can’t go wrong with a reboot just in case.

    • Kusimulkku@lemm.ee · 5 upvotes · 3 months ago

      Some package managers have a command to see if anything is in need of restart. Zypper has ps -s for example. I’d restart to be sure though.

      • dino@discuss.tchncs.de · 1 upvote · 3 months ago

        My server tells me a restart would be required because of:

        linux-base linux-image-6.1.0-22-amd64

        Does that have anything to do with the SSH package?

        • Kusimulkku@lemm.ee · 1 upvote · edited · 3 months ago

          It sounds like it’s the kernel, but whether it has anything to do with ssh, I really don’t know. Sometimes parts work together in surprising ways, as I learned with the recent sshd/systemd/xz exploit.

          You might be fine and this was the most alarming exploit since it’s very inconvenient, but personally I’d restart just to be sure.
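
The thread asks three practical things: whether the on-disk OpenSSH is in an affected version range, whether the sshd that is actually serving connections is still the old binary (the "red process in htop" check), and whether a pending linux-image update has anything to do with it. The script below is an added example written for this thread, not code from the original post, from Qualys or from any distribution. The version ranges come from the Qualys advisory for CVE-2024-6387 (before 4.4p1, and 8.5p1 up to but not including 9.8p1). It assumes Linux /proc semantics for the "(deleted)" check, that pgrep is installed, that sshd -V exists (it does on recent OpenSSH; ssh -V is the fallback), and Debian-style /boot/vmlinuz-<version> naming for the kernel comparison; all function and variable names are the example's own.

```shell
#!/bin/sh
# Added example, not code from the thread: three checks for the situation
# discussed above. Assumes Linux (/proc/<pid>/exe semantics), pgrep, and
# Debian-style /boot/vmlinuz-<version> kernel images; adapt elsewhere.

# Reduce an OpenSSH banner such as "OpenSSH_9.6p1 Ubuntu-3ubuntu13.4, ..."
# to major*100+minor (906). Returns 1 if no version string is present.
ssh_version_key() {
    v=$(printf '%s\n' "$1" | sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    [ -n "$v" ] || return 1
    set -- $v
    echo $(( $1 * 100 + $2 ))
}

# Upstream ranges from the Qualys advisory for CVE-2024-6387: versions
# before 4.4p1 and 8.5p1 through 9.7p1 are affected; 9.8p1 is fixed.
# Returns 0 if affected, 1 if not, 2 if the banner could not be parsed.
# Caveat: distributions backport the fix without changing this number,
# so "affected" here means "compare the package version with your
# distro's advisory", not "definitely vulnerable".
upstream_affected() {
    k=$(ssh_version_key "$1") || return 2
    [ "$k" -lt 404 ] && return 0
    [ "$k" -ge 805 ] && [ "$k" -lt 908 ] && return 0
    return 1
}

# The daemon serving connections may still be the old binary after the
# package was upgraded. On Linux, /proc/<pid>/exe of such a process
# resolves to "<path> (deleted)"; this is what htop colours red.
# Takes the resolved link target as its argument so it can be tested offline.
exe_was_replaced() {
    case "$1" in
        *" (deleted)") return 0 ;;
        *) return 1 ;;
    esac
}

# Print the PIDs of sshd processes running a replaced binary. Reading
# /proc/<pid>/exe of a root-owned process requires root.
stale_sshd_pids() {
    for pid in $(pgrep -x sshd 2>/dev/null); do
        target=$(readlink "/proc/$pid/exe" 2>/dev/null) || continue
        if exe_was_replaced "$target"; then echo "$pid"; fi
    done
}

# A "restart required" for linux-image-* (the message quoted in the thread)
# is about the kernel, not sshd: only a reboot replaces the running kernel.
# Compares the running kernel with the newest installed image in /boot.
kernel_reboot_needed() {
    running=$(uname -r)
    newest=$(ls /boot/vmlinuz-* 2>/dev/null | sed 's#.*/vmlinuz-##' | sort -V 2>/dev/null | tail -n 1)
    [ -n "$newest" ] && [ "$newest" != "$running" ]
}

main() {
    banner=""
    for cmd in "sshd -V" "ssh -V"; do   # sshd -V needs a recent OpenSSH; ssh -V is the fallback
        out=$($cmd 2>&1 | head -n 1)
        if ssh_version_key "$out" >/dev/null; then banner=$out; break; fi
    done
    rc=0; upstream_affected "$banner" || rc=$?
    case $rc in
        0) echo "on-disk OpenSSH ($banner) is in an affected upstream range;"
           echo "compare the package version with your distribution's advisory before trusting this" ;;
        1) echo "on-disk OpenSSH ($banner) is outside the affected upstream ranges" ;;
        *) echo "could not determine the OpenSSH version" ;;
    esac

    stale=$(stale_sshd_pids)
    if [ -n "$stale" ]; then
        echo "sshd PIDs still running a replaced binary: $stale"
        echo "restart the service (systemctl restart ssh on Debian/Ubuntu, sshd elsewhere); no reboot needed for this"
    else
        echo "no sshd process is running a replaced binary"
    fi

    if kernel_reboot_needed; then
        echo "installed kernel is newer than the running one: reboot to apply it"
    fi
}

main "$@"
```

Run it as root so /proc/<pid>/exe of the daemon is readable. The version check is deliberately conservative: a Debian or Ubuntu package that carries the backported fix still reports the old upstream number, so the package version and the distribution advisory, not the banner, are the authority. If you cannot upgrade immediately, the Qualys advisory notes that setting LoginGraceTime 0 in sshd_config blocks the race at the cost of making the daemon easier to deny service to.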