CVE-2024-6387

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-6387
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6387.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-6387
Downstream
Related
Published
2024-07-01T13:15:06.467Z
Modified
2026-02-19T02:04:13.036877Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

References

Affected packages

Git / github.com/openela-main/openssh

Affected ranges

Type
GIT
Repo
https://github.com/openela-main/openssh
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e1f438970e5a337a17070a637c1b9e19697cad09

Affected versions

imports/el9/openssh-8.*
imports/el9/openssh-8.7p1-30.el9_2
imports/el9/openssh-8.7p1-34.el9
imports/el9/openssh-8.7p1-34.el9_3.3
imports/el9/openssh-8.7p1-38.el9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6387.json"