OpenSSH Remote Code Execution Vulnerability (CVE-2024-6387) Security Risk
This vulnerability is due to a signal handler competition issue in the OpenSSH service (sshd), allowing an unauthenticated attacker to This vulnerability can be exploited to execute arbitrary code as root on a Linux system. At present, the technical details of this vulnerability have been disclosed on the Internet. This vulnerability has a large impact. It is recommended to conduct self-examination and protection as soon as possible.

Affected versions: 8.5p1 - 9.7p1

Vernacular: In versions 8.5p1 - 9.7p1 of SSH, external attackers can Just modify your host



View the latest version file
https://cdn.openbsd.org/pub/OpenBSD/ OpenSSH/portable/

View version
 

  1. ssh -V



Update and install necessary packages
 

  1. sudo apt-get  -y update
     
  2. sudo apt-get install build-essential zlib1g-dev libssl-dev



Download the latest package:
 

  1. wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz



Unzip:
 

  1. tar -xzf openssh-9.8p1.tar.gz
     
  2. cd openssh-9.8p1



Compile:
 

  1. ./configure
     
  2. make



Install:
 

  1. sudo make install



Restart the service:
 

  1. sudo systemctl restart ssh



View version
 

  1. ssh -V



If the version does not show openssh-9.8p1, you need to add environment variables:
 

  1. echo 'export PATH=/usr/local/bin:/usr/local/sbin:$PATH' >> ~/.bashrc



Verification takes effect
 

  1. source ~/.bashrc



Check the version (OK if openssh-9.8p1 ​​appears)
 

  1. ssh -V



Modify the ExecStartPre, ExecStart and ExecReload lines in the ssh.service file,
Change /usr/sbin/sshd to /usr/local/sbin/sshd
 

  1. sudo sed -i 's|ExecStartPre=/usr/sbin/sshd|ExecStartPre=/usr/local/sbin/sshd|; s|ExecStart=/usr/sbin/sshd|ExecStart=/usr/local/sbin/sshd| ; s|ExecReload=/usr/sbin/sshd|ExecReload=/usr/local/sbin/sshd|' /lib/systemd/system/ssh.service
     
  2.  

 


Confirm the modification content:
 

  1. grep -E 'ExecStartPre|ExecStart|ExecReload' /lib/systemd/system/ssh.service



Reload the service:
 

  1. sudo systemctl daemon-reload
     
  2. sudo systemctl restart sshd



List running SSH processes (confirm if it is /usr/local/sbin/sshd)
 

  1. ps -ef | grep sshd



Note: The above operation will change the ssh configuration file to /usr/local/etc/sshd_config. The content of the configuration file needs to be updated.

Delete the new configuration file and create a link. Go to /etc/ssh/sshd_config and load service
 

  1. sudo rm /usr/local/etc/sshd_config
     
  2. sudo ln -s /etc/ssh/sshd_config /usr/local/etc/sshd_config
     
  3. sudo systemctl daemon-reload
     
  4. sudo systemctl restart sshd



Clean up old versions (optional)
 

  1. sudo rm /usr/sbin/sshd



 

Leave a Reply