vulnerability

Red Hat OpenShift: CVE-2024-6387: openssh: regreSSHion - race condition in SSH allows RCE/DoS

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	2024-07-01	2024-07-17	2025-04-11

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

2024-07-01

Added

2024-07-17

Modified

2025-04-11

Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Solution

linuxrpm-upgrade-rhcos

References

CVE-2024-6387
https://attackerkb.com/topics/CVE-2024-6387
REDHAT-RHSA-2024:4312
REDHAT-RHSA-2024:4340
REDHAT-RHSA-2024:4389
REDHAT-RHSA-2024:4469
REDHAT-RHSA-2024:4474
REDHAT-RHSA-2024:4479
REDHAT-RHSA-2024:4484

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today