Remediation Steps

Follow the steps below to remediate this finding on Linux (Debian/Ubuntu).

1. Update OpenSSH to the latest available version:

   sudo apt update
   sudo apt upgrade openssh-server

2. Verify the installed version:

   ssh -V

3. If the distribution repositories do not provide a patched version, consider building from source or using a backports repository:

   sudo apt install -t $(lsb_release -cs)-backports openssh-server

4. Restart the SSH service:

   sudo systemctl restart ssh