CVE-2024-6387

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
http://www.openwall.com/lists/oss-security/2024/07/01/12	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/01/13	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/02/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/03/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/03/11	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/03/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/03/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/03/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/03/5	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/04/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/04/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/08/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/08/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/09/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/09/5	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/10/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/10/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/10/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/10/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/10/6	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/11/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/11/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/23/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/23/6	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/28/2
http://www.openwall.com/lists/oss-security/2024/07/28/3
https://access.redhat.com/errata/RHSA-2024:4312	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4340	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4389	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4469	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4474	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4479	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4484	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-6387	Third Party Advisory
https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/	Third Party Advisory
https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/	Press/Media Coverage Third Party Advisory
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server	Exploit Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2294604	Issue Tracking Third Party Advisory
https://explore.alas.aws.amazon.com/CVE-2024-6387.html	Third Party Advisory
https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132	Third Party Advisory
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc	Third Party Advisory
https://github.com/AlmaLinux/updates/issues/629	Issue Tracking Third Party Advisory
https://github.com/Azure/AKS/issues/4379	Issue Tracking Third Party Advisory
https://github.com/PowerShell/Win32-OpenSSH/discussions/2248	Issue Tracking Third Party Advisory
https://github.com/PowerShell/Win32-OpenSSH/issues/2249	Issue Tracking Third Party Advisory
https://github.com/microsoft/azurelinux/issues/9555	Issue Tracking Third Party Advisory
https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09	Third Party Advisory
https://github.com/oracle/oracle-linux/issues/149	Issue Tracking Third Party Advisory
https://github.com/rapier1/hpn-ssh/issues/87	Issue Tracking Third Party Advisory
https://github.com/zgzhang/cve-2024-6387-poc	Third Party Advisory
https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/	Mailing List Third Party Advisory
https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html	Mailing List Third Party Advisory
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html	Mailing List Patch Third Party Advisory
https://news.ycombinator.com/item?id=40843778	Issue Tracking Patch Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010	Third Party Advisory
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
https://security-tracker.debian.org/tracker/CVE-2024-6387	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240701-0001/	Third Party Advisory
https://sig-security.rocky.page/issues/CVE-2024-6387/	Third Party Advisory
https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/	Third Party Advisory
https://support.apple.com/kb/HT214118
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214120
https://ubuntu.com/security/CVE-2024-6387	Third Party Advisory
https://ubuntu.com/security/notices/USN-6859-1	Third Party Advisory
https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do	Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100	Third Party Advisory
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc	Third Party Advisory
https://www.openssh.com/txt/release-9.8	Release Notes Third Party Advisory
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt	Exploit Third Party Advisory
https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html	Third Party Advisory
https://www.suse.com/security/cve/CVE-2024-6387.html	Third Party Advisory
https://www.theregister.com/2024/07/01/regresshion_openssh/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openbsd:openssh::::::::
	cpe:2.3:a:openbsd:openssh::::::::
	cpe:2.3:a:openbsd:openssh:4.4:-::::::
	cpe:2.3:a:openbsd:openssh:8.5:p1::::::

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:::::::*

Configuration 3 (hide)

cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:22.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:22.10::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:23.04::::lts:::

Configuration 6 (hide)

cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:*

Configuration 7 (hide)

OR	cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
	cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:::::::*
	cpe:2.3:a:netapp:ontap_tools:9:::::vmware_vsphere::

Configuration 8 (hide)

OR	cpe:2.3:o:freebsd:freebsd:13.2:-::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p10::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p11::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p3::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p4::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p5::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p6::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p7::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p8::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p9::::::
	cpe:2.3:o:freebsd:freebsd:13.3:-::::::
	cpe:2.3:o:freebsd:freebsd:13.3:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.3:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.3:p3::::::
	cpe:2.3:o:freebsd:freebsd:14.0:-::::::
	cpe:2.3:o:freebsd:freebsd:14.0:beta5::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p1::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p2::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p3::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p4::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p5::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p6::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p7::::::
	cpe:2.3:o:freebsd:freebsd:14.0:rc3::::::
	cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1::::::
	cpe:2.3:o:freebsd:freebsd:14.1:-::::::
	cpe:2.3:o:freebsd:freebsd:14.1:p1::::::

Configuration 9 (hide)

cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*

History

30 Jul 2024, 02:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2024/Jul/18 - () http://seclists.org/fulldisclosure/2024/Jul/19 -

30 Jul 2024, 01:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2024/Jul/20 -

29 Jul 2024, 22:15

Type	Values Removed	Values Added
References		() https://support.apple.com/kb/HT214118 - () https://support.apple.com/kb/HT214119 - () https://support.apple.com/kb/HT214120 -

29 Jul 2024, 09:15

Type	Values Removed	Values Added
References		() https://santandersecurityresearch.github.io/blog/sshing_the_masses.html -

28 Jul 2024, 21:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2024/07/28/2 - () http://www.openwall.com/lists/oss-security/2024/07/28/3 -

Information

Published : 2024-07-01 13:15

Updated : 2024-07-30 02:15

NVD link : CVE-2024-6387

Mitre link : CVE-2024-6387

CVE.ORG link : CVE-2024-6387

JSON object : View

Products Affected

redhat

enterprise_linux_eus
enterprise_linux_for_power_little_endian_eus
enterprise_linux_for_ibm_z_systems
enterprise_linux_for_arm_64_eus
enterprise_linux_server_aus
enterprise_linux
openshift_container_platform
enterprise_linux_for_arm_64
enterprise_linux_for_ibm_z_systems_eus
enterprise_linux_for_power_little_endian

netapp

e-series_santricity_os_controller
ontap_tools
ontap_select_deploy_administration_utility

freebsd

freebsd

amazon

linux_2023

canonical

ubuntu_linux

openbsd

openssh

suse

linux_enterprise_micro

debian

debian_linux

netbsd

netbsd

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-364

Signal Handler Race Condition

{"id": "CVE-2024-6387", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2024-07-01T13:15:06.467", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Jul/18", "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/19", "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/20", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4312", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4340", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4389", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4469", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4474", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4479", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4484", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2024-6387", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/", "tags": ["Press/Media Coverage", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/AlmaLinux/updates/issues/629", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/Azure/AKS/issues/4379", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/microsoft/azurelinux/issues/9555", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/oracle/oracle-linux/issues/149", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/rapier1/hpn-ssh/issues/87", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/zgzhang/cve-2024-6387-poc", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://news.ycombinator.com/item?id=40843778", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", "source": "secalert@redhat.com"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20240701-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/kb/HT214118", "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/kb/HT214119", "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/kb/HT214120", "source": "secalert@redhat.com"}, {"url": "https://ubuntu.com/security/CVE-2024-6387", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://ubuntu.com/security/notices/USN-6859-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.openssh.com/txt/release-9.8", "tags": ["Release Notes", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.suse.com/security/cve/CVE-2024-6387.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-364"}]}], "descriptions": [{"lang": "en", "value": "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."}, {"lang": "es", "value": "Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n del controlador de se\u00f1ales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincr\u00f3nica. Sin embargo, este controlador de se\u00f1ales llama a varias funciones que no son seguras para se\u00f1ales as\u00edncronas, por ejemplo, syslog()."}], "lastModified": "2024-07-30T02:15:08.387", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1102FFF5-77B1-400E-93F8-AC6CFE2CC93C", "versionEndExcluding": "4.4"}, {"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC13B91D-82A4-48B1-83AB-EC129C83D316", "versionEndExcluding": "9.8", "versionStartIncluding": "8.6"}, {"criteria": "cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C37CBBB-A4AA-40D0-9609-0620FDC12BA8"}, {"criteria": "cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7945F60B-460E-4CA6-9EB4-BEE663386D50"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09F471C6-69AF-4E78-8143-17E783C80B9F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "47842532-D2B6-44CB-ADE2-4AC8630A4D8C"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "21538C5B-A130-411E-B5F7-BBBA4C9D488A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D4BE4FC-249C-4B58-9513-BF482444CB64"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C5DA53D-744B-4087-AEA9-257F18949E4D", "versionEndIncluding": "11.70.2", "versionStartIncluding": "11.0.0"}, {"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"}, {"criteria": "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*", "vulnerable": true, "matchCriteriaId": "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "556F4943-7BA4-4E09-94B3-4515DC3C7807"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AFEC561-D79B-498B-B59D-1D82B21BDF1A"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3306F11-D3C0-41D6-BB5E-2ABDC3927715"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E584FE1-3A34-492B-B10F-508DA7CBA768"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "761B4382-E857-4868-9F80-189B7F60256B"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51B17801-15FD-4425-BA6C-BE06B14F1BFE"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9CAFF74-AD36-4D29-83F3-23E0417C485D"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7A81663-047E-4328-BE3A-CF65AB55B29F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17DAE911-21E1-4182-85A0-B9F0059DDA7F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABEA48EC-24EA-4106-9465-CE66B938635F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC8C769C-A23E-4F61-AC42-4DA64421B096"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA25530A-133C-4D7C-8993-D5C42D79A0B5"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A72B5A-2189-4700-8E8B-1E5E7CA86C40"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5771F187-281B-4680-B562-EFC7441A8F88"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A4437F5-9DDA-4769-974E-23BFA085E0DB"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9C3A3D4-C9F4-41EB-B532-821AF83470B1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "878A1F0A-087F-47D7-9CA5-A54BB8D6676A"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50A5E650-31FB-45BE-8827-641B58A83E45"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "038E5B85-7F60-4D71-8D3F-EDBF6E036CE0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF309824-D379-4749-A1FA-BCB2987DD671"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79D770C6-7A57-4A49-8164-C55391F62301"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA813990-8C8F-4EE8-9F2B-9F73C510A7B2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6A2EBE8-012E-470E-9E56-56ACBE345F78", "versionEndIncluding": "10.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

8.1 /10