this post was submitted on 01 Jul 2024
245 points (98.8% liked)

Linux

5230 readers
208 users here now

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] mumblerfish@lemmy.world 37 points 4 months ago (1 children)

If I'm not mistaken, it seems like this is a timing attack and you need a lot of attack attempts to make it work. If you have like a fail2ban rule for ssh it should mitigate this attack to quite some degree, right? (Of course updating would still be the best).

[–] shasta@lemm.ee 12 points 4 months ago (1 children)

While statistically unlikely, it would be possible to exploit the vulnerability on the first attempt

[–] mumblerfish@lemmy.world 4 points 4 months ago