Skip to content
  • Categories
  • Recent
  • Popular
Collapse
Brand Logo
  1. Home
  2. Categories
  3. GoFAST (EN)
  4. Security update concerning CVE-2024-6387

Security update concerning CVE-2024-6387

Scheduled Pinned Locked Moved GoFAST (EN)
1 Posts 1 Posters 207 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Léa AngellozL Offline
    Léa AngellozL Offline
    Léa Angelloz
    wrote on last edited by
    #1

    Hello,

    We would like to inform you of a recent security vulnerability (CVE-2024-6387), which has been discovered in the OpenSSH component (versions 8.5p1 to 9.7p1) impacting operating systems based on Red Hat 9 (CentOS Stream, Rocky Linux, AlmaLinux).

    This vulnerability would allow an unauthenticated attacker to remotely execute code with root privileges. The exploit has so far only been proven on 32-bit systems.
    However, it is important to note that to exploit this flaw, continuous connections of 6 to 8 hours are required.

    As part of our migration plan to Alma Linux, we would like to assure you that security is a priority.

    The old GoFAST architecture using the CentOS operating system is not impacted; under Almalinux (the new architecture), we have updated the package to correct this vulnerability.

    Best regards,

    Léa Angelloz

    Useful link: https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-009/

    1 Reply Last reply
    0

    • Login
    • Don't have an account? Register
    • Search
    • First post
      Last post
    0
    • Categories
    • Recent
    • Popular
    • Search