'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems
(www.computing.co.uk)https://www.computing.co.uk/news/4329906/critical-vulnerability-openssh-uncovered-affects-linux-systemsMore info here:
https://redlib.catsarch.com/r/linux/comments/1dsvgli/critical_vulnerability_in_openssh_uncovered/============
Below is a comment with other links=============
Debian system on stable seem like they're not affected. I checked my open SSH version using sudo apt show openssh-server and looks like I'm running:
Package: openssh-server Version: 1:7.9p1-10+deb10u4
And the article listed states that this version isn't affected.
My Ubuntu machine is on version Version: 1:8.9p1-3ubuntu0.7 and looks like this version IS affected by this bug. I'm on the jammy release and they have released a new version that fixes this problem, so just a quick update should fix the issue.
Sources:
Ubuntu:
https://ubuntu.com/security/CVE-2024-6387RedHat:
https://access.redhat.com/security/cve/CVE-2024-6387CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387 
