logo

Security Advisories

Documentation Cloud Services Solutions

CV_2024_07_1: OpenSSH Security Regression (CVE-2006-5051) Vulnerability NO IMPACT

  • Advisory ID: CV_2024_07_1
  • Issued: 2024-07-25
  • Updated: 2024-09-16
  • Additional Links:

This vulnerability impacts Commvault Virtual Appliances (OVA) for Access Node and MediaAgent (FREL).

Impacted Products

This vulnerability does not affect Commvault products.

Resolution

We recommend that you redeploy the latest OVA from Commvault Store. For more information, see Deploying a VMware Access Node for Linux.

If you are unable to refresh the currently deployed VMs, then we recommend the following actions on these systems:

  1. For an instant upgrade, run the  dnf upgrade command on the VM. This is a one-time operation and it will bring the system up-to-date with the currently released updates.

  2. If the kernel was upgraded as part of this upgrade, you may need to reboot the VM manually.

  3. To run a daily recurring check for system updates, complete the following steps on each VM:

    • In the commands section of the  /etc/dnf/automatic.conf file, modify the following settings:

    • [commands]

      #What kind of upgrade to perform:
      # default = all available upgrades
      # security = only the security upgrades
      upgrade_type = security

      # When the system should reboot following upgrades:
      # never = don't reboot after upgrades
      # when-changed = reboot after any changes
      # when-needed = reboot when necessary to apply changes
      reboot = when-needed

    • Run the following commands to enable the dnf-automatic-install.timer to enable and trigger automatic update installs:

    • $> systemctl enable   dnf-automatic-install.timer  
      $> systemctl start    dnf-automatic-install.timer 

CVE Details

Info Description

Documentation

https://documentation.commvault.com