Lucene search

F5F5:K000140975

HistorySep 06, 2024 - 12:00 a.m.

K000140975: OpenSSH vulnerability CVE-2024-6409

2024-09-0600:00:00

my.f5.com

openssh

vulnerability

race condition

remote code execution

unprivileged user

sshd server

sigalrm handler

async-signal-safe

syslog.

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

AI Score

7.9

Confidence

Low

EPSS

Percentile

13.8%

JSON

Security Advisory Description

A race condition vulnerability was discovered in how signals are handled by OpenSSH’s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd’s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server. (CVE-2024-6409)

Impact

An attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

Affected configurations

Vulners

Node

f5big-ip_next_central_managerMatch20.2.0

f5big-ip_next_central_managerMatch20.2.1

f5big-ip_nextMatch1.1.0

f5big-ip_nextMatch1.1.1

f5big-ip_nextMatch1.2.0

f5big-ip_nextMatch1.2.1

f5big-ip_nextMatch1.3.0

f5big-ip_nextMatch1.3.1

f5big-ip_nextMatch1.1.0

f5big-ip_nextMatch1.1.1

f5big-ip_nextMatch1.2.0

f5big-ip_nextMatch1.2.1

f5big-ip_nextMatch1.3.0

f5big-ip_nextMatch1.3.1

f5big-ip_nextMatch1.1.0

f5big-ip_nextMatch1.1.1

f5big-ip_nextMatch1.2.0

f5big-ip_nextMatch1.2.1

f5big-ip_nextMatch1.3.0

f5big-ip_nextMatch1.3.1

f5big-ip_ltmMatch20.2.0

f5big-ip_ltmMatch20.2.1

f5big-ip_nextMatch1.7.0

f5big-ip_nextMatch1.7.1

f5big-ip_nextMatch1.7.10

f5big-ip_nextMatch1.7.2

f5big-ip_nextMatch1.7.3

f5big-ip_nextMatch1.7.4

f5big-ip_nextMatch1.7.5

f5big-ip_nextMatch1.7.6

f5big-ip_nextMatch1.7.7

f5big-ip_nextMatch1.7.8

f5big-ip_nextMatch1.7.9

f5big-ip_nextMatch1.8.0

f5big-ip_nextMatch1.8.2

f5big-ip_nextMatch1.9.0

f5big-ip_nextMatch1.9.1

f5big-ip_nextMatch1.9.2

f5big-ip_nextMatch20.2.0

f5big-ip_nextMatch20.2.1

f5big-ipMatch15.1.0

f5big-ipMatch15.1.1

f5big-ipMatch15.1.10

f5big-ipMatch15.1.2

f5big-ipMatch15.1.3

f5big-ipMatch15.1.4

f5big-ipMatch15.1.5

f5big-ipMatch15.1.6

f5big-ipMatch15.1.7

f5big-ipMatch15.1.8

f5big-ipMatch15.1.9

f5big-ip_afmMatch15.1.0

f5big-ip_afmMatch15.1.1

f5big-ip_afmMatch15.1.10

f5big-ip_afmMatch15.1.2

f5big-ip_afmMatch15.1.3

f5big-ip_afmMatch15.1.4

f5big-ip_afmMatch15.1.5

f5big-ip_afmMatch15.1.6

f5big-ip_afmMatch15.1.7

f5big-ip_afmMatch15.1.8

f5big-ip_afmMatch15.1.9

f5big-ip_afmMatch16.1.0

f5big-ip_afmMatch16.1.1

f5big-ip_afmMatch16.1.2

f5big-ip_afmMatch16.1.3

f5big-ip_afmMatch16.1.4

f5big-ip_afmMatch16.1.5

f5big-ip_afmMatch17.1.0

f5big-ip_afmMatch17.1.1

f5big-ip_analyticsMatch15.1.0

f5big-ip_analyticsMatch15.1.1

f5big-ip_analyticsMatch15.1.10

f5big-ip_analyticsMatch15.1.2

f5big-ip_analyticsMatch15.1.3

f5big-ip_analyticsMatch15.1.4

f5big-ip_analyticsMatch15.1.5

f5big-ip_analyticsMatch15.1.6

f5big-ip_analyticsMatch15.1.7

f5big-ip_analyticsMatch15.1.8

f5big-ip_analyticsMatch15.1.9

f5big-ip_analyticsMatch16.1.0

f5big-ip_analyticsMatch16.1.1

f5big-ip_analyticsMatch16.1.2

f5big-ip_analyticsMatch16.1.3

f5big-ip_analyticsMatch16.1.4

f5big-ip_analyticsMatch16.1.5

f5big-ip_analyticsMatch17.1.0

f5big-ip_analyticsMatch17.1.1

f5big-ip_apmMatch15.1.0

f5big-ip_apmMatch15.1.1

f5big-ip_apmMatch15.1.10

f5big-ip_apmMatch15.1.2

f5big-ip_apmMatch15.1.3

f5big-ip_apmMatch15.1.4

f5big-ip_apmMatch15.1.5

f5big-ip_apmMatch15.1.6

f5big-ip_apmMatch15.1.7

f5big-ip_apmMatch15.1.8

f5big-ip_apmMatch15.1.9

f5big-ip_apmMatch16.1.0

f5big-ip_apmMatch16.1.1

f5big-ip_apmMatch16.1.2

f5big-ip_apmMatch16.1.3

f5big-ip_apmMatch16.1.4

f5big-ip_apmMatch16.1.5

f5big-ip_apmMatch17.1.0

f5big-ip_apmMatch17.1.1

f5big-ip_asmMatch15.1.0

f5big-ip_asmMatch15.1.1

f5big-ip_asmMatch15.1.10

f5big-ip_asmMatch15.1.2

f5big-ip_asmMatch15.1.3

f5big-ip_asmMatch15.1.4

f5big-ip_asmMatch15.1.5

f5big-ip_asmMatch15.1.6

f5big-ip_asmMatch15.1.7

f5big-ip_asmMatch15.1.8

f5big-ip_asmMatch15.1.9

f5big-ip_asmMatch16.1.0

f5big-ip_asmMatch16.1.1

f5big-ip_asmMatch16.1.2

f5big-ip_asmMatch16.1.3

f5big-ip_asmMatch16.1.4

f5big-ip_asmMatch16.1.5

f5big-ip_asmMatch17.1.0

f5big-ip_asmMatch17.1.1

f5big-ip_dnsMatch15.1.0

f5big-ip_dnsMatch15.1.1

f5big-ip_dnsMatch15.1.10

f5big-ip_dnsMatch15.1.2

f5big-ip_dnsMatch15.1.3

f5big-ip_dnsMatch15.1.4

f5big-ip_dnsMatch15.1.5

f5big-ip_dnsMatch15.1.6

f5big-ip_dnsMatch15.1.7

f5big-ip_dnsMatch15.1.8

f5big-ip_dnsMatch15.1.9

f5big-ip_dnsMatch16.1.0

f5big-ip_dnsMatch16.1.1

f5big-ip_dnsMatch16.1.2

f5big-ip_dnsMatch16.1.3

f5big-ip_dnsMatch16.1.4

f5big-ip_dnsMatch16.1.5

f5big-ip_dnsMatch17.1.0

f5big-ip_dnsMatch17.1.1

f5big-ipMatch15.1.0

f5big-ipMatch15.1.1

f5big-ipMatch15.1.10

f5big-ipMatch15.1.2

f5big-ipMatch15.1.3

f5big-ipMatch15.1.4

f5big-ipMatch15.1.5

f5big-ipMatch15.1.6

f5big-ipMatch15.1.7

f5big-ipMatch15.1.8

f5big-ipMatch15.1.9

f5big-ipMatch16.1.0

f5big-ipMatch16.1.1

f5big-ipMatch16.1.2

f5big-ipMatch16.1.3

f5big-ipMatch16.1.4

f5big-ipMatch16.1.5

f5big-ipMatch17.1.0

f5big-ipMatch17.1.1

f5big-ip_link_controllerMatch15.1.0

f5big-ip_link_controllerMatch15.1.1

f5big-ip_link_controllerMatch15.1.10

f5big-ip_link_controllerMatch15.1.2

f5big-ip_link_controllerMatch15.1.3

f5big-ip_link_controllerMatch15.1.4

f5big-ip_link_controllerMatch15.1.5

f5big-ip_link_controllerMatch15.1.6

f5big-ip_link_controllerMatch15.1.7

f5big-ip_link_controllerMatch15.1.8

f5big-ip_link_controllerMatch15.1.9

f5big-ip_link_controllerMatch16.1.0

f5big-ip_link_controllerMatch16.1.1

f5big-ip_link_controllerMatch16.1.2

f5big-ip_link_controllerMatch16.1.3

f5big-ip_link_controllerMatch16.1.4

f5big-ip_link_controllerMatch16.1.5

f5big-ip_link_controllerMatch17.1.0

f5big-ip_link_controllerMatch17.1.1

f5big-ip_ltmMatch15.1.0

f5big-ip_ltmMatch15.1.1

f5big-ip_ltmMatch15.1.10

f5big-ip_ltmMatch15.1.2

f5big-ip_ltmMatch15.1.3

f5big-ip_ltmMatch15.1.4

f5big-ip_ltmMatch15.1.5

f5big-ip_ltmMatch15.1.6

f5big-ip_ltmMatch15.1.7

f5big-ip_ltmMatch15.1.8

f5big-ip_ltmMatch15.1.9

f5big-ip_ltmMatch16.1.0

f5big-ip_ltmMatch16.1.1

f5big-ip_ltmMatch16.1.2

f5big-ip_ltmMatch16.1.3

f5big-ip_ltmMatch16.1.4

f5big-ip_ltmMatch16.1.5

f5big-ip_ltmMatch17.1.0

f5big-ip_ltmMatch17.1.1

f5big-ip_pemMatch15.1.0

f5big-ip_pemMatch15.1.1

f5big-ip_pemMatch15.1.10

f5big-ip_pemMatch15.1.2

f5big-ip_pemMatch15.1.3

f5big-ip_pemMatch15.1.4

f5big-ip_pemMatch15.1.5

f5big-ip_pemMatch15.1.6

f5big-ip_pemMatch15.1.7

f5big-ip_pemMatch15.1.8

f5big-ip_pemMatch15.1.9

f5big-ip_pemMatch16.1.0

f5big-ip_pemMatch16.1.1

f5big-ip_pemMatch16.1.2

f5big-ip_pemMatch16.1.3

f5big-ip_pemMatch16.1.4

f5big-ip_pemMatch16.1.5

f5big-ip_pemMatch17.1.0

f5big-ip_pemMatch17.1.1

f5nginx_agentMatch2.18.0

f5nginx_agentMatch2.19.0

f5nginx_agentMatch2.20.0

f5nginx_agentMatch2.20.1

f5nginx_agentMatch2.22.0

f5nginx_agentMatch2.22.1

f5nginx_agentMatch2.23.0

f5nginx_agentMatch2.23.1

f5nginx_agentMatch2.23.2

f5nginx_agentMatch2.23.3

f5nginx_agentMatch2.24.0

f5nginx_agentMatch2.24.1

f5nginx_agentMatch2.25.0

f5nginx_agentMatch2.25.1

f5nginx_agentMatch2.26.0

f5nginx_agentMatch2.26.1

f5nginx_agentMatch2.26.2

f5nginx_agentMatch2.27.0

f5nginx_agentMatch2.28.0

f5nginx_agentMatch2.28.1

f5nginx_agentMatch2.29.0

f5nginx_agentMatch2.30.0

f5nginx_agentMatch2.30.1

f5nginx_agentMatch2.30.2

f5nginx_agentMatch2.30.3

f5nginx_agentMatch2.31.0

f5nginx_agentMatch2.31.1

f5nginx_agentMatch2.31.2

f5nginx_agentMatch2.32.0

f5nginx_agentMatch2.32.1

f5nginx_agentMatch2.32.2

f5nginx_agentMatch2.33.0

f5nginx_agentMatch2.34.0

f5nginx_agentMatch2.34.1

f5nginx_agentMatch2.35.0

f5nginx_agentMatch2.35.1

f5nginx_agentMatch2.36.0

f5nginx_agentMatch2.36.1

f5nginx_agentMatch2.37.0

f5nginx_agentMatch2.38.0

f5nginx_api_connectivity_managerMatch1.0.0

f5nginx_api_connectivity_managerMatch1.1.0

f5nginx_api_connectivity_managerMatch1.1.1

f5nginx_api_connectivity_managerMatch1.2.0

f5nginx_api_connectivity_managerMatch1.3.0

f5nginx_api_connectivity_managerMatch1.3.1

f5nginx_api_connectivity_managerMatch1.4.0

f5nginx_api_connectivity_managerMatch1.4.1

f5nginx_api_connectivity_managerMatch1.5.0

f5nginx_api_connectivity_managerMatch1.6.0

f5nginx_api_connectivity_managerMatch1.7.0

f5nginx_api_connectivity_managerMatch1.8.0

f5nginx_api_connectivity_managerMatch1.9.0

f5nginx_api_connectivity_managerMatch1.9.1

f5nginx_api_connectivity_managerMatch1.9.2

f5nginx_app_protectMatch2.4.0

f5nginx_app_protectMatch3.0.0

f5nginx_app_protectMatch3.1.0

f5nginx_app_protectMatch4.0.1

f5nginx_app_protectMatch4.1.0

f5nginx_app_protectMatch4.2.0

f5nginx_app_protectMatch4.3.0

f5nginx_app_protectMatch4.4.0

f5nginx_app_protectMatch3.11.0

f5nginx_app_protectMatch3.12.1

f5nginx_app_protectMatch3.12.2

f5nginx_app_protectMatch4.0.0

f5nginx_app_protectMatch4.1.0

f5nginx_app_protectMatch4.10.0

f5nginx_app_protectMatch4.2.0

f5nginx_app_protectMatch4.3.0

f5nginx_app_protectMatch4.4.0

f5nginx_app_protectMatch4.5.0

f5nginx_app_protectMatch4.6.0

f5nginx_app_protectMatch4.7.0

f5nginx_app_protectMatch4.8.0

f5nginx_app_protectMatch4.8.1

f5nginx_app_protectMatch4.9.0

f5nginx_app_protectMatch5.0.0

f5nginx_app_protectMatch5.1.0

f5nginx_app_protectMatch5.2.0

f5nginx_controllerMatch3.18.3

f5nginx_controllerMatch3.19.1-apim

f5nginx_controllerMatch3.19.2-apim

f5nginx_controllerMatch3.19.3-apim

f5nginx_controllerMatch3.19.4-apim

f5nginx_controllerMatch3.19.5-apim

f5nginx_controllerMatch3.19.6-apim

f5nginx_controllerMatch3.20.0

f5nginx_controllerMatch3.20.1

f5nginx_controllerMatch3.21.0

f5nginx_controllerMatch3.22.0

f5nginx_controllerMatch3.22.1

f5nginx_controllerMatch3.22.2

f5nginx_controllerMatch3.22.3

f5nginx_controllerMatch3.22.4

f5nginx_controllerMatch3.22.5

f5nginx_controllerMatch3.22.6

f5nginx_controllerMatch3.22.7

f5nginx_controllerMatch3.22.8

f5nginx_controllerMatch3.22.9

f5nginx_ingress_controllerMatch1.12.5

f5nginx_ingress_controllerMatch2.2.1

f5nginx_ingress_controllerMatch2.2.2

f5nginx_ingress_controllerMatch2.3.0

f5nginx_ingress_controllerMatch2.4.0

f5nginx_ingress_controllerMatch2.4.1

f5nginx_ingress_controllerMatch2.4.2

f5nginx_ingress_controllerMatch3.0.0

f5nginx_ingress_controllerMatch3.0.1

f5nginx_ingress_controllerMatch3.0.2

f5nginx_ingress_controllerMatch3.1.0

f5nginx_ingress_controllerMatch3.1.1

f5nginx_ingress_controllerMatch3.2.0

f5nginx_ingress_controllerMatch3.2.1

f5nginx_ingress_controllerMatch3.3.0

f5nginx_ingress_controllerMatch3.3.1

f5nginx_ingress_controllerMatch3.4.0

f5nginx_ingress_controllerMatch3.4.1

f5nginx_ingress_controllerMatch3.4.2

f5nginx_ingress_controllerMatch3.5.0

f5nginx_ingress_controllerMatch3.5.1

f5nginx_ingress_controllerMatch3.5.2

f5nginx_ingress_controllerMatch3.6.0

f5nginx_ingress_controllerMatch3.6.1

f5nginx_ingress_controllerMatch3.6.2

f5nginx_instance_managerMatch2.10.0

f5nginx_instance_managerMatch2.10.1

f5nginx_instance_managerMatch2.11.0

f5nginx_instance_managerMatch2.12.0

f5nginx_instance_managerMatch2.13.0

f5nginx_instance_managerMatch2.13.1

f5nginx_instance_managerMatch2.14.0

f5nginx_instance_managerMatch2.14.1

f5nginx_instance_managerMatch2.15.0

f5nginx_instance_managerMatch2.15.1

f5nginx_instance_managerMatch2.16.0

f5nginx_instance_managerMatch2.17.0

f5nginx_instance_managerMatch2.17.1

f5nginx_instance_managerMatch2.17.2

f5nginx_instance_managerMatch2.5.0

f5nginx_instance_managerMatch2.5.1

f5nginx_instance_managerMatch2.6.0

f5nginx_instance_managerMatch2.7.0

f5nginx_instance_managerMatch2.8.0

f5nginx_instance_managerMatch2.9.0

f5nginx_instance_managerMatch2.9.1

f5nginx_security_monitoringMatch1.0.0

f5nginx_security_monitoringMatch1.1.0

f5nginx_security_monitoringMatch1.2.0

f5nginx_security_monitoringMatch1.3.0

f5nginx_security_monitoringMatch1.4.0

f5nginx_security_monitoringMatch1.5.0

f5nginx_security_monitoringMatch1.6.0

f5nginx_security_monitoringMatch1.7.0

f5nginx_security_monitoringMatch1.7.1

f5nginxMatchr27plus

f5nginxMatchr28plus

f5nginxMatchr29plus

f5nginxMatchr30plus

f5nginxMatchr31plus

f5nginxMatchr32plus

f5nginx_service_meshMatch1.1.0

f5nginx_service_meshMatch1.2.0

f5nginx_service_meshMatch1.2.1

f5nginx_service_meshMatch1.3.0

f5nginx_service_meshMatch1.3.1

f5nginx_service_meshMatch1.4.0

f5nginx_service_meshMatch1.4.1

f5nginx_service_meshMatch1.5.0

f5nginx_service_meshMatch1.6.0

f5nginx_service_meshMatch1.7.0

f5nginx_service_meshMatch2.0.0

f5nginxMatch1.27.0

f5nginxMatch1.28.0

f5nginxMatch1.29.0

f5nginxMatch1.29.1

f5nginxMatch1.30.0

f5nginxMatch1.31.0

f5nginxMatch1.31.1

f5nginxMatch1.32.0

f5nginxMatch1.32.1

f5f5os-aMatch1.5.1

f5f5os-aMatch1.5.2

f5f5os-aMatch1.7.0

f5f5os-cMatch1.6.0

f5f5os-cMatch1.6.1

f5f5os-cMatch1.6.2

f5big-iq_centralized_managementMatch8.2.0

f5big-iq_centralized_managementMatch8.3.0

f5big-ip_ddos_hybrid_defenderMatch15.1.0

f5big-ip_ddos_hybrid_defenderMatch15.1.1

f5big-ip_ddos_hybrid_defenderMatch16.1.0

f5big-ip_ddos_hybrid_defenderMatch17.1.0

f5ssl_orchestratorMatch15.1.0

f5ssl_orchestratorMatch15.1.1

f5ssl_orchestratorMatch15.1.2

f5ssl_orchestratorMatch15.1.9

f5ssl_orchestratorMatch16.1.0

f5ssl_orchestratorMatch16.1.1

f5ssl_orchestratorMatch16.1.3

f5ssl_orchestratorMatch16.1.4

f5ssl_orchestratorMatch17.1.0

f5ssl_orchestratorMatch17.1.1

f5traffix_signaling_delivery_controllerMatch5.1.0

f5traffix_signaling_delivery_controllerMatch5.2.0

VendorProductVersionCPE
f5big-ip_next_central_manager20.2.0cpe:2.3:a:f5:big-ip_next_central_manager:20.2.0:*:*:*:*:*:*:*
f5big-ip_next_central_manager20.2.1cpe:2.3:a:f5:big-ip_next_central_manager:20.2.1:*:*:*:*:*:*:*
f5big-ip_next1.1.0cpe:2.3:a:f5:big-ip_next:1.1.0:*:*:*:*:*:*:*
f5big-ip_next1.1.1cpe:2.3:a:f5:big-ip_next:1.1.1:*:*:*:*:*:*:*
f5big-ip_next1.2.0cpe:2.3:a:f5:big-ip_next:1.2.0:*:*:*:*:*:*:*
f5big-ip_next1.2.1cpe:2.3:a:f5:big-ip_next:1.2.1:*:*:*:*:*:*:*
f5big-ip_next1.3.0cpe:2.3:a:f5:big-ip_next:1.3.0:*:*:*:*:*:*:*
f5big-ip_next1.3.1cpe:2.3:a:f5:big-ip_next:1.3.1:*:*:*:*:*:*:*
f5big-ip_ltm20.2.0cpe:2.3:a:f5:big-ip_ltm:20.2.0:*:*:*:*:*:*:*
f5big-ip_ltm20.2.1cpe:2.3:a:f5:big-ip_ltm:20.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	big-ip_next_central_manager	20.2.0	cpe:2.3:a:f5:big-ip_next_central_manager:20.2.0:::::::*
f5	big-ip_next_central_manager	20.2.1	cpe:2.3:a:f5:big-ip_next_central_manager:20.2.1:::::::*
f5	big-ip_next	1.1.0	cpe:2.3:a:f5:big-ip_next:1.1.0:::::::*
f5	big-ip_next	1.1.1	cpe:2.3:a:f5:big-ip_next:1.1.1:::::::*
f5	big-ip_next	1.2.0	cpe:2.3:a:f5:big-ip_next:1.2.0:::::::*
f5	big-ip_next	1.2.1	cpe:2.3:a:f5:big-ip_next:1.2.1:::::::*
f5	big-ip_next	1.3.0	cpe:2.3:a:f5:big-ip_next:1.3.0:::::::*
f5	big-ip_next	1.3.1	cpe:2.3:a:f5:big-ip_next:1.3.1:::::::*
f5	big-ip_ltm	20.2.0	cpe:2.3:a:f5:big-ip_ltm:20.2.0:::::::*
f5	big-ip_ltm	20.2.1	cpe:2.3:a:f5:big-ip_ltm:20.2.1:::::::*