“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

Researchers have warned about a critical vulnerability in the OpenSSH networking utility, which gives attackers control over Linux and Unix servers without requiring authentication. Tracked as CVE-2024-6387, the vulnerability is due to a code regression from 2020 and can lead to a full system compromise. Although there are factors that could prevent mass exploitation, targeted attacks are still a risk. Users who have a vulnerable version are advised to update as soon as possible.