NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

AlmaLinux OS is an open-source, community-driven Linux operating system that fills the gap left by the discontinuation of the CentOS Linux stable release. AlmaLinux OS is a 1:1 binary compatible fork of RHEL®, guided and built by the community.

Alma Linux

Red Hat Enterprise Linux CoreOS (RHCOS) is an operating system based on Red Hat Enterprise Linux (RHEL) that is optimized for running containerized workloads in a clustered environment. It is designed to be used as the foundation for building and managing large-scale, container-based applications and services, such as those used in cloud-native and Kubernetes deployments. RHCOS includes built-in support for automatic updates, self-healing, and other features that are necessary for running distributed systems at scale.

Red Hat Enterprise Linux CoreOS (RHCOS)

CBL Marine is an open source distro, created by Microsoft. Mainly used in Azure cloud and Microsoft Internally.

CBL Mariner

The OpenSSH client allows establishing secure and authenticated SSH connections to SSH servers.

OpenSSH

macOS is an operating system developed by Apple Inc. for its line of Macintosh computers. It is a Unix-based graphical interface OS that features advanced security, intuitive design, and seamless integration with other Apple products and services.

macOS

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

OpenShift Node is a component of Red Hat OpenShift, a Kubernetes-based container platform. It refers to the worker machines in an OpenShift cluster that run containerized applications. OpenShift Nodes are responsible for executing and managing the containers, providing the compute resources necessary for running applications and services within the OpenShift environment.

OpenShift Node

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

Fedora is a popular open-source, Linux-based operating system.

Linux Fedora

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Linux openSUSE

The Amazon Linux is a supported and maintained Linux image provided by Amazon Web Services for use on Amazon Elastic Compute Cloud (Amazon EC2).

Amazon Linux

Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency.

Linux Alpine

Gentoo is a highly flexible, source-based Linux distribution.

Linux Gentoo

Oracle Linux is a Linux distribution packaged and freely distributed by Oracle, available partially under the GNU General Public License since late 2006. It is compiled from Red Hat Enterprise Linux source code, replacing Red Hat branding with Oracle's.

Linux Oracle

Project Photon OS is an open-source, minimal Linux container host that is optimized for cloud-native applications, cloud platforms, and VMware infrastructure.

Linux Photon

Container-Optimized OS is an operating system image for Compute Engine VMs that is optimized for running Docker containers.

Container-Optimized OS

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVE-2024-6387:
NixOS vulnerability analysis and mitigation

8.1

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2024-6387: NixOS vulnerability analysis and mitigation