Threat Advisories:
Highlights of Our CISO Dinner
Upgrading struggling vulnerability management programs to Threat Exposure Management, with Host, CISO Al Lindseth formerly from Plains All American Pipeline and PWC - 6 minute podcast
0:00
0:00
👥 Play Count: Loading...

regreSSHion: Exploiting Signal Handler Race Condition in OpenSSH

Threat Level – Red | Vulnerability Report
Download PDF

Summary:

The “regreSSHion” vulnerability (CVE-2024-6387) in OpenSSH allows unauthenticated remote code execution with root privileges on glibc-based Linux systems, affecting versions 8.5p1 to 9.7p1. Despite being hard to exploit, it poses severe risks including full system compromise. Mitigation includes updating to version 9.8p1 or adjusting ‘LoginGraceTime’ settings, though this may expose systems to denial-of-service attacks.
 
 

Threat Level – Red | Vulnerability Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox