Remote Unauthenticated Code Execution in OpenSSH Server

Qualys Threat Research Unit found a major Remote Unauthenticated Code Execution (RCE) vulnerability in the OpenSSH server affecting glibc-based Linux systems. Over 14 million OpenSSH server instances were identified as exposed to the internet, of which approximately 31% are vulnerable. Notably, some of the vulnerable instances are running End-of-Life/End-of-Support versions of OpenSSH. The vulnerability is a regression of an issue that was patched in 2006, which underlines the need for careful regression testing to prevent previously fixed flaws from being reintroduced. Qualys has developed an exploit but has not released it, to allow time for patches to be deployed. Immediate patching and enhanced security measures are recommended to mitigate this significant threat.

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
