>A critical vulnerability in sshd(8) was present in Portable OpenSSH
versions between 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary
code execution with root privileges.<p>FYI that's every version published after 2021-03-03<p>That's got to be 99% of all linux machines in the world with an ssh daemon running right?<p><a href="https://www.openssh.com/releasenotes.html" rel="nofollow">https://www.openssh.com/releasenotes.html</a>
Sorry, duplicate of <a href="https://news.ycombinator.com/item?id=40843778">https://news.ycombinator.com/item?id=40843778</a>
<i>We discovered a vulnerability (a signal handler race condition) in
OpenSSH's server (sshd): if a client does not authenticate within
LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions),
then sshd's SIGALRM handler is called asynchronously, but this signal
handler calls various functions that are not async-signal-safe (for
example, syslog()). This race condition affects sshd in its default
configuration. </i><p>So SIGALRM because of the timer firing?<p>Out of curiosity... any rust sshd implementations? I found libraries, but no plug&play replacement for openssh?
> Only two remote holes in the default install, in a heck of a long time!<p>As someone who doesn't know this kind of stuff well, will this cause OpenBSD to have to update the statement above?<p><a href="https://www.openbsd.org" rel="nofollow">https://www.openbsd.org</a><p>EDIT:<p>TFA says:<p>> OpenBSD is not vulnerable.