RedhatCVELIST:CVE-2024-6387CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.791 High
EPSS
Percentile
98.3%
A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openssh",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openssh",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openssh",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openssh",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
}
]References
www.openwall.com/lists/oss-security/2024/07/01/12
www.openwall.com/lists/oss-security/2024/07/01/13
www.openwall.com/lists/oss-security/2024/07/02/1
www.openwall.com/lists/oss-security/2024/07/03/1
www.openwall.com/lists/oss-security/2024/07/03/2
www.openwall.com/lists/oss-security/2024/07/03/3
access.redhat.com/security/cve/CVE-2024-6387
archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/
blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
bugzilla.redhat.com/show_bug.cgi?id=2294604
explore.alas.aws.amazon.com/CVE-2024-6387.html
ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc
github.com/oracle/oracle-linux/issues/149
github.com/rapier1/hpn-ssh/issues/87
github.com/zgzhang/cve-2024-6387-poc
lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html
lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html
news.ycombinator.com/item?id=40843778
psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010
security-tracker.debian.org/tracker/CVE-2024-6387
security.netapp.com/advisory/ntap-20240701-0001/
stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/
ubuntu.com/security/CVE-2024-6387
ubuntu.com/security/notices/USN-6859-1
www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc
www.openssh.com/txt/release-9.8
www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
www.suse.com/security/cve/CVE-2024-6387.html
www.theregister.com/2024/07/01/regresshion_openssh/
Related
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.791 High
EPSS
Percentile
98.3%