Jul 24, 2023THNLinux / Network Security Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of … [Read more...] about New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
OpenSSH
OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks
In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown.Have you ever noticed they all had at least one thing in common?That's OpenSSH.As a proof-of-concept, many researchers demonstrated their side-channel attacks against OpenSSH … [Read more...] about OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks