CVE-2024-6387
published 2024-07-01CVE-2024-6387: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an…
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EXPLOIT
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Affected
60 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| almalinux | almalinux | — | — |
| amazon | amazon_linux | — | — |
| apple | macos | >= 12.0 < 12.7.6 | 12.7.6 |
| apple | macos | >= 13.0 < 13.6.8 | 13.6.8 |
| apple | macos | >= 14.0 < 14.6 | 14.6 |
| apple | macos_monterey | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
| arista | eos | 4.32.0 – 4.32.1f | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | openssh | < openssh 1:9.2p1-2+deb12u3 (bookworm) | openssh 1:9.2p1-2+deb12u3 (bookworm) |
| debian | openssh | — | — |
| freebsd | freebsd | < 13.0 | 13.0 |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | >= 13.1 < 13.3 | 13.3 |
| freebsd | freebsd | >= 13.3-RELEASE < p5 | p5 |
| freebsd | freebsd | >= 14.0-RELEASE < p9 | p9 |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
osv8.1HIGH
vulncheck8.1HIGH