Qualys TRU researchers discovered a critical flaw in the OpenSSH server, dubbed 'RegreSSHion,' affecting glibc-based Linux systems.

The vulnerability, identified as CVE-2024-6387, allows for remote unauthenticated code execution on systems running OpenSSH versions 8.5p1 to 9.7p1 and versions prior to 4.4p1.

This flaw arises from a signal handler race condition and impacts over 14 million Linux systems worldwide.

No active exploits have been observed yet, but security teams are urged to patch vulnerable systems promptly.

OpenBSD systems are not affected by this vulnerability.

Mitigation steps include updating to OpenSSH version 9.8 or adjusting the LoginGraceTime parameter in the configuration file.

OX Security customers can verify and patch vulnerable OpenSSH libraries.

Continuous monitoring for critical CVEs and implementing network access controls for SSH are recommended.

Admins should proactively secure their OpenSSH servers to prevent exploitation and data breaches.