Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:4457

Опубликовано: 15 июл. 2024
Источник: rocky
Оценка: Moderate

Описание

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

  • openssh: Possible remote code execution due to a race condition in signal handling affecting Rocky Linux 9 (CVE-2024-6409)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
opensshx86_6438.el9_4.4openssh-8.7p1-38.el9_4.4.x86_64.rpm
openssh-clientsx86_6438.el9_4.4openssh-clients-8.7p1-38.el9_4.4.x86_64.rpm
openssh-keycatx86_6438.el9_4.4openssh-keycat-8.7p1-38.el9_4.4.x86_64.rpm
openssh-serverx86_6438.el9_4.4openssh-server-8.7p1-38.el9_4.4.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-6409

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-6409

CVSS3: 7
ubuntu
12 месяцев назад

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

redhat логотип

CVE-2024-6409

CVSS3: 7
redhat
12 месяцев назад

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

nvd логотип

CVE-2024-6409

CVSS3: 7
nvd
12 месяцев назад

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

debian логотип

CVE-2024-6409

CVSS3: 7
debian
12 месяцев назад

A race condition vulnerability was discovered in how signals are handl ...

github логотип

GHSA-79hg-h6r6-64mm

CVSS3: 7
github
12 месяцев назад

A signal handler race condition vulnerability was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). This issue leaves it vulnerable to a signal handler race condition on the cleanup_exit() function, which introduces the same vulnerability as CVE-2024-6387 in the unprivileged child of the SSHD server.