CVE-2024-6387

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jul 1, 2024

Updated: Jul 30, 2024

CWE ID 364

CWE ID 362

Summary

CVE-2024-6387 is a newly discovered vulnerability in OpenSSH's server (sshd). This issue is a regression of a previously fixed security flaw, CVE-2006-5051. A race condition exists within sshd's signal handling mechanism, allowing an unauthenticated, remote attacker to exploit it by failing to authenticate within a specified time. The consequence can result in the server processing certain signals unsafely.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OpenSSH
NetBSD
Netapp E-series Santricity Os Controller
Ubuntu Linux
Rocky Linux

Affected Vendors

OpenBSD Project
Debian
Netbsd
Red Hat
NetApp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wrrFuj
https://www.cve.org/CVERecord?id=CVE-2024-6387
https://nvd.nist.gov/vuln/detail/CVE-2024-6387

Back to Vulnerability Database