Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-6387

CWE-364 CWE-362 — Race Condition33 documents21 sources

Severity

8.1HIGH

EPSS

44.6%

top 2.43%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Freebsd Freebsd Apple Macos Openbsd Openssh +20 more

Timeline

PublishedJul 1

Latest updateAug 12

Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages7 packages

▶NVDopenbsd/openssh8.6 — 9.8+4

▶Debianopenssh< 1:9.2p1-2+deb12u3+2

▶NVDapple/macos12.0 — 12.7.6+2

▶CVEListV5freebsd/freebsd14.1-RELEASE — p3+2

▶NVDarista/eos4.32.0 — 4.32.1f

Also affects: Ontap 9, Freebsd 13.2, 13.3, 14.0, 14.1, Ontap Tools 10, 9, Almalinux 9.0, Amazon Linux 2023.0, Debian Linux 12.0, Ubuntu Linux 22.04, 22.10, 23.04, 23.10, 24.04, Enterprise Linux 9.0, 9.4, Linux Enterprise Micro 6.0, Openshift Container Platform 4.0

Patches

Patch: www.openwall.com ↗Patch: github.com ↗Patch: lists.mindrot.org ↗

🔴Vulnerability Details

GHSA

GHSA-2x8c-95vh-gfv4: A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by defau↗2024-07-01

▶

OSV

CVE-2024-6387: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd)↗2024-07-01

▶

CVEList

Openssh: regresshion - race condition in ssh allows rce/dos↗2024-07-01

▶

VulnCheck

SonicWall sma_6200_firmware Signal Handler Race Condition↗2024

▶

💥Exploits & PoCs

Exploit-DB

OpenSSH server (sshd) 9.8p1 - Race Condition↗2025-04-22

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Patch (OpenSSH) — CVE-2024-6387↗2024-10-15

▶

Red Hat

openssh: OpenSSH pre-authentication async signal safety issue↗2024-08-12

▶

BSD

FreeBSD-SA-24:08.openssh: OpenSSH pre-authentication async signal safety issue↗2024-08-07

▶

Apple

CVE-2024-6387: macOS Ventura 13.6.8↗2024-07-29

▶

Apple

CVE-2024-6387: macOS Sonoma 14.6↗2024-07-29

▶

🕵️Threat Intelligence

Qualys

Two Pwnie Awards, One Crucial Lesson: What Our OpenSSH Research Reveals About Cyber Defense in 2025↗2025-08-12

▶

Qualys

Two Pwnie Awards, One Crucial Lesson: What Our OpenSSH Research Reveals About Cyber Defense in 2025 | Qualys↗2025-08-12

▶

Securelist

Exploits and vulnerabilities in Q3 2024↗2024-12-06

▶

Securelist

Analyzing the vulnerability landscape in Q3 2024↗2024-12-06

▶

Trendmicro

The Potential Impact of the OpenSSH Vulnerabilities CVE-2024–6387 and CVE-2024-6409↗2024-07-17

▶