PTA Issues Alert on “regreSSHion” Vulnerability in OpenSSH for Linux Systems

The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory regarding a critical vulnerability in OpenSSH’s server component on Linux systems.

The flaw, known as CVE-2024-6387, or “regreSSHion”, enables unauthenticated remote code execution (RCE) with root privileges, posing a significant threat of complete system compromise.

The vulnerability is associated with OpenSSH’s integration with glibc, which elevates the likelihood of exploitation. It impacts OpenSSH versions 8.5p1 through 9.7p1. To alleviate the situation, the OpenSSH maintainers have implemented security upgrades.

The vulnerability was classified as high severity by the PTA, which urged immediate action. It is strongly advised that OpenSSH users upgrade to the recent version (9.8p1), which is accessible on the official OpenSSH website.

Additionally, it is advised to restrict SSH access, implement network segmentation, and ensure that all systems are consistently updated with the most recent security upgrades to prevent exploitation.

The advisory also guided how to report incidents that were associated with this vulnerability. Users who experience security vulnerabilities are advised to promptly submit them through the PTA CERT Portal or the authority’s official email channels. The objective of these measures is to improve the overall cybersecurity resilience and reduce the risk associated with the regreSSHion vulnerability.