A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd) – there is a race condition which can lead to sshd to handle some signals in an unsafe manner so an unauthenticated remote attacker may be able to trigger it by failing to authenticate within a set time period

For the stable distribution Debian ‚Bookworm‘ this problem has been fixed in version 1:9.2p1-2+deb12u3

https://lists.debian.org/debian-security-announce/2024/msg00135.html
root@PVE-03:~# ssh -V
OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.13 30 Jan 2024

root@PVE-03:~#

This entry was posted on Mittwoch, Juli 3rd, 2024 at 21:53 and is filed under Administration, Linux Solution, Security Solution. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.