OpenSSH has released security updates to address a critical flaw in the sshd server component, allowing unauthenticated remote code execution with root privileges on glibc-based Linux systems. The vulnerability, designated as CVE-2024-6387, poses a serious threat, impacting systems between versions 8.5p1 and 9.7p1. This flaw, a race condition in the signal handler, was identified by Qualys, with potentially 14 million OpenSSH server instances at risk. Despite being a regression of CVE-2006-5051, OpenSSH has reinstated the bug in recent versions, leaving systems vulnerable to exploitation. Successful attacks result in full system compromise, enabling threat actors to execute arbitrary code and bypass security measures. To mitigate risks, users are urged to update to the latest patches and implement network controls to limit SSH access. The incident underscores the importance of rigorous regression testing to prevent the reintroduction of known vulnerabilities into the environment.