title

AlmaLinux OS - Forever-Free Enterprise-Grade Operating System

article:section

blog

article:published_time

2024-07-01T00:00:00+00:00

article:modified_time

2024-07-01T00:00:00+00:00

charset

UTF-8

og:title

AlmaLinux OS 9 - CVE-2024-6387: regreSSHion

og:description

If you are running an AlmaLinux OS 9 machine, you need to know about a vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems that was published earlier today, July 1, 2024. It has been assigned the identifier CVE-2024-6387 and named regreSSHion. This vulnerability is exploitable remotely and grants unauthenticated root access. Security is our top priority at AlmaLinux and we aim to deliver patches to our users as quickly as possible. The openssh patch for CVE-2024-6387 has been released and is available for AlmaLinux OS 9 users. The decision to build the update and push the package to production on our own (without a CentOS Stream/RHEL update) was made by our newly-formed technical steering committee, ALESCo.

og:type

article

og:url

https://almalinux.org/blog/2024-07-01-almalinux-9-cve-2024-6387/

og:image

https://almalinux.org/images/og/newhero.png

alternate

/blog/index.xml

apple-touch-icon

/fav/apple-touch-icon.png

icon

/fav/favicon-32x32.png

icon

/fav/favicon-16x16.png

manifest

/fav/site.webmanifest