CVE-2024-6387

CVSS V2: None
CVSS V3: None
Description
A signal handler race condition was found in OpenSSH's server (sshd). If a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), sshd's SIGALRM handler is invoked asynchronously, interrupting whatever the server process was doing at that moment. That handler calls several functions that are not async-signal-safe, for example syslog(), so it can re-enter code (locks, heap allocation) that the interrupted context was in the middle of.
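The description above is the whole of the bug: a handler that runs asynchronously and does work that is not async-signal-safe. The following is an added illustration, not OpenSSH's code, that places that handler shape next to one that only records the timeout and leaves logging to the main loop. The function names, the simulated authentication loop and the one-second grace period are constructed for the example.

```c
/* Added illustration of the CVE-2024-6387 handler pattern; not OpenSSH code.
 * Build: cc -o grace grace.c   (POSIX; written against Linux/glibc) */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

/* The vulnerable shape: a SIGALRM handler doing real work. syslog() is not on
 * the POSIX async-signal-safe list (it takes an internal lock and may allocate),
 * and exit() runs atexit handlers and flushes stdio. If SIGALRM lands while the
 * interrupted code holds the same lock or is inside malloc(), this re-enters it. */
void grace_alarm_unsafe(int sig)
{
    (void)sig;
    syslog(LOG_INFO, "Timeout before authentication");   /* NOT async-signal-safe */
    exit(255);                                           /* NOT async-signal-safe */
}

/* The safe shape: the handler only stores to a volatile sig_atomic_t. Anything
 * else (logging, freeing state) happens later in ordinary context. If a handler
 * must terminate the process itself, _exit() is the async-signal-safe call;
 * exit() is not. */
static volatile sig_atomic_t grace_expired = 0;

void grace_alarm_safe(int sig)
{
    (void)sig;
    grace_expired = 1;
}

/* Install `handler` for SIGALRM. No SA_RESTART, so a blocking read in a real
 * auth loop would return EINTR and get a chance to look at the flag.
 * Returns 0 on success, -1 on failure (sigaction's result). */
int install_grace_handler(void (*handler)(int))
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    return sigaction(SIGALRM, &sa, NULL);
}

/* Simulated LoginGraceTime loop. `client_authenticates` stands in for the
 * client completing authentication; the real loop would be reading packets.
 * Returns 1 if the grace timer expired, 0 if authentication finished first,
 * -1 if the handler could not be installed. */
int auth_loop(unsigned grace_seconds, int client_authenticates)
{
    sigset_t block_alrm, old_mask, wait_mask;

    grace_expired = 0;
    if (install_grace_handler(grace_alarm_safe) != 0)
        return -1;

    /* Keep SIGALRM blocked while the flag is tested and let sigsuspend()
     * unblock it and wait atomically; otherwise the signal could arrive
     * between the test and the wait and the wakeup would be lost. */
    sigemptyset(&block_alrm);
    sigaddset(&block_alrm, SIGALRM);
    sigprocmask(SIG_BLOCK, &block_alrm, &old_mask);
    wait_mask = old_mask;
    sigdelset(&wait_mask, SIGALRM);

    alarm(grace_seconds);
    while (!grace_expired) {
        if (client_authenticates) {
            alarm(0);                                   /* cancel the timer */
            sigprocmask(SIG_SETMASK, &old_mask, NULL);
            return 0;
        }
        sigsuspend(&wait_mask);                         /* returns once the handler ran */
    }
    sigprocmask(SIG_SETMASK, &old_mask, NULL);

    /* Ordinary context now: the non-async-signal-safe calls are fine here. */
    syslog(LOG_INFO, "Timeout before authentication after %u seconds", grace_seconds);
    return 1;
}

int main(void)
{
    int r = auth_loop(1, 0);   /* constructed: 1 s grace, client never authenticates */
    printf("auth_loop(1, 0) = %d (1 = grace timer expired)\n", r);
    r = auth_loop(5, 1);       /* constructed: client authenticates immediately */
    printf("auth_loop(5, 1) = %d (0 = authenticated in time)\n", r);
    return 0;
}
```

The unsafe handler is never installed by main(); it is there to show the shape, and running it races only when the alarm happens to land inside a lock or allocation, which is exactly why the bug is a timing race rather than a deterministic crash. For hosts that cannot take the fixed release (OpenSSH 9.8p1, per the release notes and Arch announcement in the References below), the Qualys advisory listed there names setting LoginGraceTime to 0 in sshd_config as a workaround; with no timeout, unauthenticated connections hold their slots until MaxStartups is reached, so that trades the race for a denial-of-service exposure.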
Overview
  • CVE ID: CVE-2024-6387
  • Assigner: redhat
  • Vulnerability Status: PUBLISHED
  • Published Version: 2024-07-01T12:37:25.431Z
  • Last Modified Date: 2024-07-02T03:55:36.192Z
References
  • http://www.openwall.com/lists/oss-security/2024/07/01/12
  • https://access.redhat.com/security/cve/CVE-2024-6387 (tags: vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2294604 (tags: issue-tracking, x_refsource_REDHAT)
  • https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
  • https://github.com/zgzhang/cve-2024-6387-poc
  • https://ubuntu.com/security/CVE-2024-6387
  • https://ubuntu.com/security/notices/USN-6859-1
  • https://www.suse.com/security/cve/CVE-2024-6387.html
  • https://explore.alas.aws.amazon.com/CVE-2024-6387.html
  • https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/
  • https://www.openssh.com/txt/release-9.8
  • https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html
  • https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html
  • https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
  • https://www.theregister.com/2024/07/01/regresshion_openssh/
  • https://news.ycombinator.com/item?id=40843778
  • https://security-tracker.debian.org/tracker/CVE-2024-6387
  • https://github.com/oracle/oracle-linux/issues/149
  • https://github.com/rapier1/hpn-ssh/issues/87
  • https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/
  • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010
  • http://www.openwall.com/lists/oss-security/2024/07/01/13
  • https://security.netapp.com/advisory/ntap-20240701-0001/
History
  • 2024-07-02 13:03:42: Added to TrackCVE (no old value, new value, data type or notes recorded)