Security update concerning CVE-2024-6387
-
Hello,
We would like to inform you of a recent security vulnerability (CVE-2024-6387), which has been discovered in the OpenSSH component (versions 8.5p1 to 9.7p1) impacting operating systems based on Red Hat 9 (CentOS Stream, Rocky Linux, AlmaLinux).
This vulnerability would allow an unauthenticated attacker to remotely execute code with root privileges. The exploit has so far only been proven on 32-bit systems.
However, it is important to note that to exploit this flaw, continuous connections of 6 to 8 hours are required.As part of our migration plan to Alma Linux, we would like to assure you that security is a priority.
The old GoFAST architecture using the CentOS operating system is not impacted; under Almalinux (the new architecture), we have updated the package to correct this vulnerability.
Best regards,
Léa Angelloz
Useful link: https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-009/
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login