Stay organized with collections
Save and categorize content based on your preferences.
The following describes all security bulletins related to
Google Distributed Cloud connected.
GCP-2024-040
Published: 2024-07-03
Description
Severity
Notes
Google Distributed Cloud connected ships with a version of OpenSSH
vulnerable to the RegreSSHion attack. However, Distributed Cloud connected
firewall configurations prevent external attacks against Distributed Cloud
connected deployments. SSH ports are only accessible from within Google networks and the
Distributed Cloud connected virtual networks. They are not accessible from
external local networks or the internet.
Google is working on an update to the OpenSSH server configuration that mitigates
this attack. This update will be deployed to every Distributed Cloud
connected installation as soon as Google successfully validates it. This update
will ignore all maintenance windows and maintenance exclusion windows. Your workloads
will not be disrupted by this update.