How to easily fix OpenSSH RegreSSHion vulnerability

RMAG news

The regreSSHion vulnerability CVE-2024-6387 is a critical remote unauthenticated code execution (RCE) vulnerability affecting OpenSSH server (sshd) on glibc-based Linux systems. If exploited, this vulnerability can lead to:

Complete system takeover
Installation of malware
Data manipulation and exfiltration
Creation of backdoors for persistent access
Network propagation to other systems within the organization

Exploiting this vulnerability allows attackers to bypass critical security mechanisms and cause significant damage.

Solution for Ubuntu

Check your Ubuntu version

To check your Ubuntu version, run the following command in your terminal:

lsb_release -a

This command will display information about your Ubuntu distribution, including the release name.

How to fix the vulnerability

To fix the regreSSHion vulnerability on your Ubuntu server, follow these steps:

Update the package list and install available updates:

sudo apt update
sudo apt upgrade

Ensure you are running the latest version of OpenSSH for your release:

sudo apt install –only-upgrade openssh-server

👉 If you like this article, you can follow me on Twitter

Check if the fix is installed

Ensure the version at least matches the patched version for your Ubuntu release:

dpkg -l | grep openssh-server

Jammy: 1:8.9p1-3ubuntu0.10

Mantic: 1:9.3p1-1ubuntu3.6

Noble: 1:9.6p1-3ubuntu13.3

Protect your server with automatic updates

Unattended Upgrades is a package on Ubuntu that allows automatic installation of security updates and critical packages without user intervention. This can help ensure that your system is always up-to-date with the latest security patches, including the fix for vulnerabilities like regreSSHion.

If you had unattended upgrades configured on your Ubuntu system, it would have automatically applied the security update for OpenSSH as soon as it was available, thereby mitigating the vulnerability without requiring manual intervention.

How to Set Up Unattended Upgrades

Follow these steps to set up unattended upgrades on your Ubuntu system:

Install Unattended Upgrades:

sudo apt update
sudo apt install unattended-upgrades

Enable Unattended Upgrades:

sudo dpkg-reconfigure –priority=medium unattended-upgrades

Checking If Unattended Upgrades Is Working

To verify that unattended upgrades are functioning correctly:

Check the Status of the Service:

sudo systemctl status unattended-upgrades

Review the Log Files:

Review the logs to see if updates have been applied:

sudo tail -f /var/log/unattended-upgrades/unattended-upgrades.log

By setting up unattended upgrades, you can ensure that critical security updates, like those for the regreSSHion vulnerability, are applied automatically, enhancing the security of your Ubuntu server without manual intervention.

🎯 Find my next blog articles earlier on https://easyselfhost.dev/blog