cross-posted from: https://lemmy.pt/post/5733711

A severe vulnerability in OpenSSH, dubbed "regreSSHion" (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

  • tmpod@lemmy.pt
    hexagon
    ·
    6 months ago

    musl isn't vulnerable, as per https://fosstodon.org/@musl/112711796005712271

    The exploit isn't that practicable, since it takes a very long time on 32 bit systems, which are ever rarer to see.

    • Telorand@reddthat.com
      ·
      6 months ago

      They could get RasPis below 4th gen running outdated software, I guess. I think I read elsewhere that Debian already had a patch out some time ago, so that number is also likely diminishingly small.