NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Laserbait
Jul 02, 2024Luminary
CVE-2024-6387 - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
CVE-2024-6387 - https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
So looking at that blog about the CVE, there is a window of versions of SSH that are not affected (my emphasis added):
Affected OpenSSH versions:
- OpenSSH versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.
- Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.
- The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.
OpenBSD systems are unaffected by this bug, as OpenBSD developed a secure mechanism in 2001 that prevents this vulnerability.
I checked my systems, and the version of SSH that I have on my systems (all are on ReadyNAS 6.10.9) is 6.7p1:
admin@RN204:~$ uname -a
Linux RN204 4.4.218.alpine.1 #1 SMP Tue Oct 11 22:33:18 UTC 2022 armv7l GNU/Linux
admin@RN204:~$ ssh -V
OpenSSH_6.7p1-hpn14v5 Debian-5+deb8u7.netgear1, OpenSSL 1.0.1t 3 May 2016
root@RN316:/home/admin# uname -a
\Linux RN316 4.4.218.x86_64.1 #1 SMP Tue Oct 11 22:26:01 UTC 2022 x86_64 GNU/Linux
root@RN316:/home/admin# ssh -V
OpenSSH_6.7p1-hpn14v5 Debian-5+deb8u7.netgear1, OpenSSL 1.0.1t 3 May 2016
So if you're running 6.10.9, you're safe, as far as I can tell.
1 Reply
Replies have been turned off for this discussion
- StephenBGuru - Experienced User
Actually the key text is
- The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.
So it mostly affects new openSSH releases (after March 2021, which is when 8.5 was released).
- All OS-6 systems use OpenSSH 6.x versions - so they are not vulnerable to this particular CVE
- Systems running 5.x firmware use OpenSSH 5.x versions - so they are not vulnerable either.
- Systems running 4.x firmware use OpenSSH 4.3 - so they are potentially vulnerable. Likely Netgear applied the two CVE patches needed to close this vulnerability (since they date back to 2008), but that is not something I can confirm.
FWIW, IMO no one should be allowing over-the-internet connections to any ReadyNAS system (other than through a VPN).
Related Content
NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!