OpenSSH Vulnerability(CVE-2024-6387)


There seems to be a vulnerability issue with OpenSSH,
Do you have any plans to address this issue in future releases of Jetpack?

CVE-2024-6387 | Ubuntu

Let me forward this issue to internal team to confirm whether it impacts the current JetPack SW, will update to you once clarified. Thanks

By the update from itnernal team, we are evaluating, and we will pick up the fixes in the next releases.

Thank you for your information.

Is this going to be fixed in both Jetpack 5.1.4 and Jetpack 6.1?

Per, Ubuntu focal is not vulnerable, so just Ubuntu jammy has fix released.
We upgraded all packages for all Ubuntu 20.04/22.04 samplefs flavors on 7/7/2024, and openssh-server package was already the latest version with the fix.

This is an openssh server issue.
There should be no firmware was impacted by this issue.

Above are the latest comments from internal team.

So once we have newer release - Jetpack 5.1.4 and Jetpack 6.1, that will not be an issue.

Thank you for your information!