RegreSSHion: RCE in OpenSSH’s server, on glibc-based Linux systems

Source: Hacker News

Article note: Heh, the patches that added the built in block-on-repeated-attempt features into the logging path were also quietly patching a (very complicated to trigger) RCE related to signal handlers and logging because a few glibc functions hit by a signal in the timeout path aren't async safe.
This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *