Security bulletins
From time to time, we might release security bulletins related to Bare Metal Solution. All security bulletins for Bare Metal Solution are described here.
Use this XML feed to subscribe to security bulletins for this page.
GCP-2024-040
Published: 2024-07-02
Description | Severity | Notes |
---|---|---|
A vulnerability CVE-2024-6387 was discovered in OpenSSH server (sshd).
This vulnerability is exploitable remotely on glibc-based linux systems:
an unauthenticated remote code execution as root, because it affects
sshd's privileged code, which is not sandboxed and runs with full
privileges.
Bare Metal Solution impactBased on our investigations, we are not aware of any exploitation attempts on existing Google managed Bare Metal Solution infrastructure. What should I do?
|
Critical |