17-Jul-2024, 02:56 AM
https://nvd.nist.gov/vuln/detail/CVE-2024-6387
- OpenSSH versions earlier than 4.4p1 (released 2006) are vulnerable unless they've been patched for CVE-2006-5051 and CVE-2008-4109. Versions 8.5p1 (released March 2021) up to, but not including, 9.8p1 (released 1st July, 2024) are also affected, owing to the accidental removal of a critical component. The vulnerability has been fixed in version 9.8p1.
The current version of Ubuntu Mantic has openssh-server version 9.8p1.
Code:
sudo apt update && sudo apt install openssh-server