GCP-2024-040
Published: 2024-07-10
Description
Severity
Notes
The Migrate Connector, the virtual appliance used to connect VMware sources to Migrate to Virtual Machines, is exposed to a security vulnerability in the OpenSSH daemon (sshd) (CVE-2024-6387).
What should I do?
Migrate Connector version 2.6.2497 has been released to mitigate this
issue, and is being gradually rolled out. To apply it, go to the
Migrate to Virtual Machines page on the Google Cloud console. Once an update for your source appliance is available,
you will see a banner with the words "An update is available for your source".
Approve the update to initiate the version update on the Migrate Connector.
For more information, see Modify a Migrate Connector configuration.
To mitigate the risk immediately, use any of the following options:

Sign in to the Migrate Connector and run the following command:

    sudo sed -i 's/#LoginGraceTime 2m/LoginGraceTime 0/g' /etc/ssh/sshd_config

or

Edit /etc/ssh/sshd_config manually, uncomment the entry for LoginGraceTime and set its value to 0.

Restart SSHD by running the following command:

    sudo systemctl restart ssh
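
The sed command above rewrites only a line that reads exactly `#LoginGraceTime 2m`, and sed exits successfully even when nothing matched, so the result is worth confirming. The following is an added example, not part of the bulletin or of Google's tooling: the function names `effective_grace` and `set_grace_zero` are hypothetical, and the sample configuration is constructed.

```bash
#!/usr/bin/env bash
# Added example, not part of the bulletin: confirm and enforce LoginGraceTime 0.

# Print the active LoginGraceTime value in an sshd_config-style file.
# sshd keeps the first value it reads for a keyword; keywords are case-insensitive.
# Assumption: files pulled in through Include directives are not followed here.
effective_grace() {
    awk '{
        line = $0
        sub(/^[ \t]+/, "", line)              # ignore leading whitespace
        n = split(line, f, /[ \t=]+/)         # "Keyword value" or "Keyword=value"
        if (n >= 2 && tolower(f[1]) == "logingracetime") { print f[2]; exit }
    }' "$1"
}

# Make LoginGraceTime 0 the first active setting, whatever the file held before.
set_grace_zero() {
    cfg=$1
    [ "$(effective_grace "$cfg")" = "0" ] && return 0   # already mitigated
    cp -p "$cfg" "$cfg.bak" || return 1                 # keep a rollback copy
    tmp=$(mktemp) || return 1
    {
        printf 'LoginGraceTime 0\n'
        # Drop other active LoginGraceTime lines; commented ones are left alone.
        awk '{ l = $0; sub(/^[ \t]+/, "", l); split(l, f, /[ \t=]+/)
               if (tolower(f[1]) != "logingracetime") print }' "$cfg"
    } > "$tmp" && cat "$tmp" > "$cfg"                   # cat keeps owner and mode
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample: the keyword is already active with a non-default value,
# so the sed pattern '#LoginGraceTime 2m' would match nothing in this file.
sample=$(mktemp)
printf '%s\n' 'Port 22' 'LoginGraceTime 120' 'PermitRootLogin no' > "$sample"
echo "before: $(effective_grace "$sample")"
set_grace_zero "$sample"
echo "after:  $(effective_grace "$sample")"
rm -f "$sample" "$sample.bak"
```

On the appliance itself, `sudo sshd -t` checks the edited file for syntax errors before the restart, and `sudo sshd -T | grep -i logingracetime` shows the value sshd will actually use. With LoginGraceTime set to 0 the authentication timeout is disabled, so unauthenticated connections can hold MaxStartups slots indefinitely; treat the setting as a stopgap until the Migrate Connector update is applied.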
What vulnerabilities are being addressed?
A remote code execution vulnerability, CVE-2024-6387, was recently discovered in OpenSSH.
The vulnerability is a race condition that can be exploited to obtain
access to a remote shell, enabling attackers to gain root access. At the
time of publication, exploitation is believed to be difficult and to take
several hours per machine being attacked. We are not aware of any
exploitation attempts.