Home / Security updates / regreSSHion - CVE-2024-6387
regreSSHion - CVE-2024-6387
Security updates detail rendered from /security-updates/upd_3a35dfd1c70375a3.
Overview
| ID | upd_3a35dfd1c70375a3 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Acquia |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_3a35dfd1c70375a3 |
| providerId | safebase |
| organizationId | org_e4b30327cd87b905 |
| trustCenterId | tc_425c003b7876d0d4 |
| title | regreSSHion - CVE-2024-6387 |
| message | Today, 7/1/2024, the Qualys Threat Research Unit released a blog post detailing a vulnerability, CVE-2024-6387, in OpenSSH’s server (sshd) in glibc-based Linux systems. The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration. https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server At this point in time, the assessment is that Acquia remains unaffected as triaged by Canonical (https://ubuntu.com/security/CVE-2024-6387). Acquia continues its independent analysis and will update here with any further information. |
| url | - |
| publishedAt | 2024-07-01 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_e4b30327cd87b905",
"name": "Acquia",
"domains": [
"security.acquia.com",
"acquia.com"
]
} |
| trust_center | {
"id": "tc_425c003b7876d0d4",
"name": "Acquia",
"url": "https://security.acquia.com",
"host": "security.acquia.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_3a35dfd1c70375a3",
"company": "/v1/companies/org_e4b30327cd87b905",
"trust_center": "/v1/trust-centers/tc_425c003b7876d0d4",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_3a35dfd1c70375a3JSON