CVE-2024-6387 - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

CVE-2024-6387 - https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

So looking at that blog about the CVE, there is a window of versions of SSH that are not affected (my emphasis added):

Affected OpenSSH versions:

• OpenSSH versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.

• Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.

• The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.

OpenBSD systems are unaffected by this bug, as OpenBSD developed a secure mechanism in 2001 that prevents this vulnerability.

I checked my systems, and the version of SSH that I have on my systems (all are on ReadyNAS 6.10.9) is 6.7p1:

admin@RN204:~$ uname -a
Linux RN204 4.4.218.alpine.1 #1 SMP Tue Oct 11 22:33:18 UTC 2022 armv7l GNU/Linux
admin@RN204:~$ ssh -V
OpenSSH_6.7p1-hpn14v5 Debian-5+deb8u7.netgear1, OpenSSL 1.0.1t 3 May 2016



root@RN316:/home/admin# uname -a
\Linux RN316 4.4.218.x86_64.1 #1 SMP Tue Oct 11 22:26:01 UTC 2022 x86_64 GNU/Linux
root@RN316:/home/admin# ssh -V
OpenSSH_6.7p1-hpn14v5 Debian-5+deb8u7.netgear1, OpenSSL 1.0.1t 3 May 2016

So if you're running 6.10.9, you're safe, as far as I can tell.