• Bharat Jogi, Senior Director of Threat Research Unit at Qualys, writes about a Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
  • You can read more from the Qualys blog post.

It was discovered that OpenSSH servers running with the GNU C Library (glibc) on Linux are vulnerable to CVE-2024-6387. A race condition within the OpenSSH server could lead to unauthenticated remote code execution. This affects various versions of OpenSSH going back years!