CVE-2024-6387

July 1, 2024, 7:15 p.m.

8.1
High

Description

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

Product(s) Impacted

Product Versions
OpenSSH
  • ['all versions']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-364
Signal Handler Race Condition
The product uses a signal handler that introduces a race condition.

CVSS Score

8.1 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: HIGH
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH
  • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: July 1, 2024, 1:15 p.m.
Last Modified: July 1, 2024, 7:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

secalert@redhat.com

Relations

Here is the list of observables linked to the vulnerability CVE-2024-6387 using threat intelligence.

Linked Attack Reports

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.