Описание
ELSA-2024-4312: openssh security update (IMPORTANT)
[8.7p1-38.0.2.1]
- Update upstream references [Orabug: 36564626]
[8.7p1-38.1]
- Possible remote code execution due to a race condition (CVE-2024-6387) Resolves: RHEL-45347
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
openssh
8.7p1-38.0.2.el9_4.1
openssh-askpass
8.7p1-38.0.2.el9_4.1
openssh-clients
8.7p1-38.0.2.el9_4.1
openssh-keycat
8.7p1-38.0.2.el9_4.1
openssh-server
8.7p1-38.0.2.el9_4.1
pam_ssh_agent_auth
0.10.4-5.38.0.2.el9_4.1
Oracle Linux x86_64
openssh
8.7p1-38.0.2.el9_4.1
openssh-askpass
8.7p1-38.0.2.el9_4.1
openssh-clients
8.7p1-38.0.2.el9_4.1
openssh-keycat
8.7p1-38.0.2.el9_4.1
openssh-server
8.7p1-38.0.2.el9_4.1
pam_ssh_agent_auth
0.10.4-5.38.0.2.el9_4.1
Связанные CVE
Связанные уязвимости
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling
A security regression (CVE-2006-5051) was discovered in OpenSSH's serv ...