A newly-reported vulnerability, known as regreSSHion, has hit the Linux ecosystem. Affected distros include Ubuntu 22.04 and 24.04, Debian 12, and AlmaLinux 9.
As reported by the Ubuntu Security Team:
It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials.
We’ve patched managed servers and our own infrastructure
Our team has been hard at work patching all managed servers, and all of the gear that we run for ourselves. If you have Managed Services applied to your servers, this is one of those times when you can bank the benefits and get on with your day.
To be specific, we’ve updated every affected distro to a newly-released version that includes a patch against this new vulnerability. We’ve worked so quickly that we’re ahead of our ability to fully test the results. To exploit the vulnerability is time-consuming - it can take a couple of days. While distro developers assure us that patches are in place, we haven’t been able to run our own verification.
If you manage your own server
We have not patched unmanaged servers. If you manage your own servers, we recommend that you act as soon as you can.
Update affected Ubuntu or Debian packages with this code:
apt update && apt install openssh-server openssh-client openssh-sftp-server
There is a straightforward AlmaLinux fix as well.
As above, you won’t be able to immediately test results, but we have no reason to doubt that your update will fix the problem.
Is it time to talk with us about Server Management?
The big benefits of Server Management are made clear when issues like this SSH vulnerability are discovered. Plenty of SiteHost customers who were at risk will only have heard of this potential problem after we already secured their infrastructure against it.
If you’d like to talk with us about adding Server Management, we’re always ready to hear from you.