Security bulletins

Google Distributed Cloud connected ships with a version of OpenSSH vulnerable to the RegreSSHion attack. However, Distributed Cloud connected firewall configurations prevent external attacks against Distributed Cloud connected deployments. SSH ports are only accessible from within Google networks and the Distributed Cloud connected virtual networks. They are not accessible from external local networks or the internet.

Affected resources

• Distributed Cloud connected compute nodes (Dell servers)

Unaffected resources

• Distributed Cloud connected ToR switches (Cisco)

What should I do?

Google is working on an update to the OpenSSH server configuration that mitigates this attack. This update will be deployed to every Distributed Cloud connected installation as soon as Google successfully validates it. This update will ignore all maintenance windows and maintenance exclusion windows. Your workloads will not be disrupted by this update.