CVE-2024-6387

UNKNOWN

Published 2024-07-01T12:37:25.431Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-6387. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

8.1

/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.003

probability

of exploitation in the wild

There is a 0.3% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.653

Higher than 65.3% of all CVEs

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Red Hat

Red Hat Enterprise Linux 8

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-2x8c-95vh-gfv4

Advisory Details

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-6387

WEB https://github.com/rapier1/hpn-ssh/issues/87

WEB https://github.com/oracle/oracle-linux/issues/149

WEB https://github.com/microsoft/azurelinux/issues/9555

WEB https://github.com/PowerShell/Win32-OpenSSH/issues/2249

WEB https://github.com/Azure/AKS/issues/4379

WEB https://github.com/AlmaLinux/updates/issues/629

WEB https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09

WEB https://access.redhat.com/errata/RHSA-2024:4312

WEB https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010

WEB https://santandersecurityresearch.github.io/blog/sshing_the_masses.html

WEB https://security-tracker.debian.org/tracker/CVE-2024-6387

WEB https://security.netapp.com/advisory/ntap-20240701-0001

WEB https://sig-security.rocky.page/issues/CVE-2024-6387

WEB https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution

WEB https://support.apple.com/kb/HT214118

WEB https://support.apple.com/kb/HT214119

WEB https://support.apple.com/kb/HT214120

WEB https://ubuntu.com/security/CVE-2024-6387

WEB https://ubuntu.com/security/notices/USN-6859-1

WEB https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do

WEB https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100

WEB https://www.exploit-db.com/exploits/52269

WEB https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc

WEB https://www.openssh.com/txt/release-9.8

WEB https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

WEB https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html

WEB https://www.suse.com/security/cve/CVE-2024-6387.html

WEB https://www.theregister.com/2024/07/01/regresshion_openssh

WEB https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387

WEB https://access.redhat.com/errata/RHSA-2024:4340

WEB https://access.redhat.com/errata/RHSA-2024:4389

WEB https://access.redhat.com/errata/RHSA-2024:4469

WEB https://access.redhat.com/errata/RHSA-2024:4474

WEB https://access.redhat.com/errata/RHSA-2024:4479

WEB https://access.redhat.com/errata/RHSA-2024:4484

WEB https://access.redhat.com/security/cve/CVE-2024-6387

WEB https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1

WEB https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux

WEB https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

WEB https://bugzilla.redhat.com/show_bug.cgi?id=2294604

WEB https://explore.alas.aws.amazon.com/CVE-2024-6387.html

WEB https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132

WEB https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc

WEB https://github.com/PowerShell/Win32-OpenSSH/discussions/2248

WEB https://github.com/zgzhang/cve-2024-6387-poc

WEB https://lists.almalinux.org/archives/list/[email protected]/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY

WEB https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html

WEB https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html

WEB https://news.ycombinator.com/item?id=40843778

WEB https://packetstorm.news/files/id/190587

WEB http://seclists.org/fulldisclosure/2024/Jul/18

WEB http://seclists.org/fulldisclosure/2024/Jul/19

WEB http://seclists.org/fulldisclosure/2024/Jul/20

WEB http://www.openwall.com/lists/oss-security/2024/07/01/12

WEB http://www.openwall.com/lists/oss-security/2024/07/01/13

WEB http://www.openwall.com/lists/oss-security/2024/07/02/1

WEB http://www.openwall.com/lists/oss-security/2024/07/03/1

WEB http://www.openwall.com/lists/oss-security/2024/07/03/11

WEB http://www.openwall.com/lists/oss-security/2024/07/03/2

WEB http://www.openwall.com/lists/oss-security/2024/07/03/3

WEB http://www.openwall.com/lists/oss-security/2024/07/03/4

WEB http://www.openwall.com/lists/oss-security/2024/07/03/5

WEB http://www.openwall.com/lists/oss-security/2024/07/04/1

WEB http://www.openwall.com/lists/oss-security/2024/07/04/2

WEB http://www.openwall.com/lists/oss-security/2024/07/08/2

WEB http://www.openwall.com/lists/oss-security/2024/07/08/3

WEB http://www.openwall.com/lists/oss-security/2024/07/09/2

WEB http://www.openwall.com/lists/oss-security/2024/07/09/5

WEB http://www.openwall.com/lists/oss-security/2024/07/10/1

WEB http://www.openwall.com/lists/oss-security/2024/07/10/2

WEB http://www.openwall.com/lists/oss-security/2024/07/10/3

WEB http://www.openwall.com/lists/oss-security/2024/07/10/4

WEB http://www.openwall.com/lists/oss-security/2024/07/10/6

WEB http://www.openwall.com/lists/oss-security/2024/07/11/1

WEB http://www.openwall.com/lists/oss-security/2024/07/11/3

WEB http://www.openwall.com/lists/oss-security/2024/07/23/4

WEB http://www.openwall.com/lists/oss-security/2024/07/23/6

WEB http://www.openwall.com/lists/oss-security/2024/07/28/2

WEB http://www.openwall.com/lists/oss-security/2024/07/28/3

Advisory provided by GitHub Security Advisory Database. Published: July 1, 2024, Modified: April 24, 2025

References

https://access.redhat.com/errata/RHSA-2024:4312

https://access.redhat.com/errata/RHSA-2024:4340

https://access.redhat.com/errata/RHSA-2024:4389

https://access.redhat.com/errata/RHSA-2024:4469

https://access.redhat.com/errata/RHSA-2024:4474

https://access.redhat.com/errata/RHSA-2024:4479

https://access.redhat.com/errata/RHSA-2024:4484

https://access.redhat.com/security/cve/CVE-2024-6387

https://bugzilla.redhat.com/show_bug.cgi?id=2294604

https://santandersecurityresearch.github.io/blog/sshing_the_masses.html

https://www.openssh.com/txt/release-9.8

https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

Published: 2024-07-01T12:37:25.431Z

Last Modified: 2025-05-21T18:20:20.790Z

Copied to clipboard!

CVE-2024-6387

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

Unknown Product

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!