cross-posted from: https://lemmy.pt/post/5733711

A severe vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

  • Kusimulkku@lemm.ee
    link
    fedilink
    arrow-up
    6
    ·
    5 months ago

    Some package managers have a command to see if anything is in need of restart. Zypper has ps -s for example. I’d restart to be sure though.

    • dino@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      My server tells me a restart would be required because of:

      linux-base linux-image-6.1.0-22-amd64

      Does that have anything to do with the SSH package?

      • Kusimulkku@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        5 months ago

        It sounds like it’s the kernel but whether it has anything to do with ssh, I really don’t know. Sometimes parts work together in surprising ways, as I learned with the recent sshd/systemd/xz exploit.

        You might be fine and this was the most alarming exploit since it’s very inconvenient, but personally I’d restart just to be sure.