PTA Warns of Critical Security Vulnerability in Linux Systems

The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory highlighting a critical vulnerability in OpenSSH’s server component on Linux systems.

Identified as CVE-2024-6387 and nicknamed “regreSSHion,” this flaw allows unauthenticated remote code execution (RCE) as root. The vulnerability affects OpenSSH versions 8.5p1 through 9.7p1 and poses a severe risk of full system compromise.

According to the advisory, the vulnerability stems from OpenSSH’s integration with glibc, exposing systems to potential exploitation. OpenSSH maintainers have released security patches to address the issue. However, the PTA cautioned that such vulnerabilities may resurface in subsequent updates due to inadvertent regression, emphasizing the critical need for robust testing during development cycles.

The PTA classified the vulnerability as high severity and urged immediate action. Users are strongly advised to upgrade to the latest OpenSSH version (9.8p1) on the official OpenSSH website. Additional recommendations include implementing network segmentation, restricting SSH access, and ensuring all systems are regularly updated with the latest security patches to thwart exploitation.

The advisory also guided reporting incidents related to this vulnerability. Users encountering security breaches are directed to report them promptly via the PTA CERT Portal or through the authority’s official email channels. These measures aim to mitigate the risk posed by the regreSSHion vulnerability while enhancing overall cybersecurity resilience.

Follow ProPakistani on Google News & scroll through your favourite content faster!

Support independent journalism

If you want to join us in our mission to share independent, global journalism to the world, we’d love to have you on our side. If you can, please support us on a monthly basis. It takes less than a minute to set up, and you can rest assured that you’re making a big impact every single month in support of open, independent journalism. Thank you.



  • Get Alerts

    Follow ProPakistani to get latest news and updates.


    ProPakistani Community

    Join the groups below to get latest news and updates.



    >