CVE-2024-6387

{"id": "CVE-2024-6387", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2024-07-01T13:15:06.467", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Jul/18", "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/19", "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/20", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4312", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4340", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4389", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4469", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4474", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4479", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4484", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2024-6387", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/", "tags": ["Press/Media Coverage", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/AlmaLinux/updates/issues/629", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/Azure/AKS/issues/4379", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/microsoft/azurelinux/issues/9555", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/oracle/oracle-linux/issues/149", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/rapier1/hpn-ssh/issues/87", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/zgzhang/cve-2024-6387-poc", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://news.ycombinator.com/item?id=40843778", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", "source": "secalert@redhat.com"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20240701-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/kb/HT214118", "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/kb/HT214119", "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/kb/HT214120", "source": "secalert@redhat.com"}, {"url": "https://ubuntu.com/security/CVE-2024-6387", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://ubuntu.com/security/notices/USN-6859-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.openssh.com/txt/release-9.8", "tags": ["Release Notes", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.suse.com/security/cve/CVE-2024-6387.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-364"}]}], "descriptions": [{"lang": "en", "value": "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."}, {"lang": "es", "value": "Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n del controlador de se\u00f1ales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincr\u00f3nica. Sin embargo, este controlador de se\u00f1ales llama a varias funciones que no son seguras para se\u00f1ales as\u00edncronas, por ejemplo, syslog()."}], "lastModified": "2024-07-30T02:15:08.387", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1102FFF5-77B1-400E-93F8-AC6CFE2CC93C", "versionEndExcluding": "4.4"}, {"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC13B91D-82A4-48B1-83AB-EC129C83D316", "versionEndExcluding": "9.8", "versionStartIncluding": "8.6"}, {"criteria": "cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C37CBBB-A4AA-40D0-9609-0620FDC12BA8"}, {"criteria": "cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7945F60B-460E-4CA6-9EB4-BEE663386D50"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09F471C6-69AF-4E78-8143-17E783C80B9F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "47842532-D2B6-44CB-ADE2-4AC8630A4D8C"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "21538C5B-A130-411E-B5F7-BBBA4C9D488A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D4BE4FC-249C-4B58-9513-BF482444CB64"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C5DA53D-744B-4087-AEA9-257F18949E4D", "versionEndIncluding": "11.70.2", "versionStartIncluding": "11.0.0"}, {"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"}, {"criteria": "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*", "vulnerable": true, "matchCriteriaId": "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "556F4943-7BA4-4E09-94B3-4515DC3C7807"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AFEC561-D79B-498B-B59D-1D82B21BDF1A"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3306F11-D3C0-41D6-BB5E-2ABDC3927715"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E584FE1-3A34-492B-B10F-508DA7CBA768"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "761B4382-E857-4868-9F80-189B7F60256B"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51B17801-15FD-4425-BA6C-BE06B14F1BFE"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9CAFF74-AD36-4D29-83F3-23E0417C485D"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7A81663-047E-4328-BE3A-CF65AB55B29F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17DAE911-21E1-4182-85A0-B9F0059DDA7F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABEA48EC-24EA-4106-9465-CE66B938635F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC8C769C-A23E-4F61-AC42-4DA64421B096"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA25530A-133C-4D7C-8993-D5C42D79A0B5"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A72B5A-2189-4700-8E8B-1E5E7CA86C40"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5771F187-281B-4680-B562-EFC7441A8F88"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A4437F5-9DDA-4769-974E-23BFA085E0DB"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9C3A3D4-C9F4-41EB-B532-821AF83470B1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "878A1F0A-087F-47D7-9CA5-A54BB8D6676A"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50A5E650-31FB-45BE-8827-641B58A83E45"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "038E5B85-7F60-4D71-8D3F-EDBF6E036CE0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF309824-D379-4749-A1FA-BCB2987DD671"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79D770C6-7A57-4A49-8164-C55391F62301"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA813990-8C8F-4EE8-9F2B-9F73C510A7B2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6A2EBE8-012E-470E-9E56-56ACBE345F78", "versionEndIncluding": "10.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}