Описание
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:9.6p1-3ubuntu15 |
| esm-infra-legacy/trusty | not-affected | introduced in v8.5p1 |
| esm-infra/bionic | not-affected | introduced in v8.5p1 |
| esm-infra/focal | not-affected | introduced in v8.5p1 |
| esm-infra/xenial | not-affected | introduced in v8.5p1 |
| fips-updates/bionic | not-affected | introduced in v8.5p1 |
| fips-updates/focal | not-affected | introduced in v8.5p1 |
| fips-updates/xenial | not-affected | introduced in v8.5p1 |
| fips/bionic | not-affected | introduced in v8.5p1 |
| fips/focal | not-affected | introduced in v8.5p1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | introduced in v8.5p1 |
| esm-apps/bionic | not-affected | introduced in v8.5p1 |
| esm-apps/focal | not-affected | introduced in v8.5p1 |
| esm-apps/jammy | not-affected | introduced in v8.5p1 |
| esm-apps/noble | not-affected | introduced in v8.5p1 |
| focal | not-affected | introduced in v8.5p1 |
| jammy | not-affected | introduced in v8.5p1 |
| mantic | not-affected | introduced in v8.5p1 |
| noble | not-affected | introduced in v8.5p1 |
| upstream | ignored | frozen on openssh 7.5p |
Показывать по
EPSS
8.1 High
CVSS3
Связанные уязвимости
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling
A security regression (CVE-2006-5051) was discovered in OpenSSH's serv ...
EPSS
8.1 High
CVSS3