Loading...
Loading...
Browse all stories on DeepNewz
VisitQualys Discovers Critical OpenSSH RCE Vulnerability CVE-2024-6409 in RHEL 9
Jul 9, 2024, 03:32 PM
A significant vulnerability has been discovered in OpenSSH, a widely used secure communications protocol. Researchers at the cybersecurity firm Qualys identified the flaw, which is designated as CVE-2024-6409. The vulnerability, found in RHEL 9's versions 8.7p1 and 8.8p1, and unmaintained Fedora, allows for remote code execution (RCE) via a race condition in the privileged separation (privsep) child process. This issue has sparked considerable concern within the security community, especially since active exploits have already been detected. The flaw is distinct from another recent vulnerability, CVE-2024-6387, but shares some similarities.
View original story
Debian • 25%
Ubuntu • 25%
Red Hat • 25%
Fedora • 25%
Yes • 50%
No • 50%
Ubuntu • 25%
Fedora • 25%
Debian • 25%
Other • 25%
Apple • 25%
Microsoft • 25%
Third-party cybersecurity firm • 25%
No patch released • 25%
macOS • 25%
Linux • 25%
Windows • 25%
Other • 25%
macOS • 33%
Linux • 33%
Both simultaneously • 33%
Finance • 25%
Healthcare • 25%
Government • 25%
Technology • 25%
Less than 50% • 25%
50-70% • 25%
70-90% • 25%
More than 90% • 25%
Financial • 25%
Healthcare • 25%
Government • 25%
Other • 25%
No • 50%
Yes • 50%
Yes • 50%
No • 50%
Phishing attacks • 25%
Other • 25%
Malware distribution • 25%
Direct server exploitation • 25%