CVE-2024-6387 (regreSSHion) is a race condition in OpenSSH's signal handler enabling unauthenticated root RCE on glibc Linux. Upgrade to OpenSSH 9.8p1 immediately. As an interim measure, set LoginGraceTime=0 in sshd_config, though this may create a denial-of-service risk. Over 14 million servers are potentially exposed.
regreSSHion: OpenSSH Remote Code Execution vulnerability in glibc-based Linux systems. Unauthenticated RCE as root.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →