CVE-2024-6387: OpenSSH regreSSHion Attack (CVE-2024-6387)

First published: Thu Jun 27 2024(Updated: )

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Credit: CVE-2024-6387 CertiK SkyFall Team sqrtpwn Minghao Lin Zhejiang UniversityJiaxun Zhu Zhejiang UniversityPatrick Wardle DoubleYouCVE-2024-40805 Rodolphe BRUNETTI @eisw0lf Adam M. Mickey Jin @patch1t Zhongquan Li @Guluisacat Dawn Security Lab of JingDongMickey Jin @patch1t Kandji KandjiCsaba Fitzl @theevilbit KandjiMateen Alinaghi Claudio Bozzato Cisco TalosFrancesco Benvenuto Cisco TalosCsaba Fitzl @theevilbit Offensive SecurityYadhu Krishna M Cyber Security At Suma Soft PvtNarendra Bhati Cyber Security At Suma Soft PvtManager Cyber Security At Suma Soft PvtPune (India) Wojciech Regula SecuRing Dawn Security Lab of JingDongKirin @Pwnrin Joshua Jones Jiwon Park an anonymous researcher Marcio Almeida Tanto SecurityBistrit Dahal Srijan Poudel Jiahui Hu (梅零落) NorthSeaMeng Zhang (鲸落) NorthSeaArsenii Kostromin (0x3c3e) Huang Xilin Ant Group LightMaksymilian Motyl Johan Carlsson (joaxcar) Seunghyun Lee @0x10n KAIST Hacking Lab working with Trend Micro Zero Day InitiativeCVE-2024-4558 Matthew Butler Gary Kwong Andreas Jaegersberger Ro Achterberg Ye Zhang @VAR10CK Baidu SecurityJunsung Lee Trend Micro Zero Day InitiativeGandalf4a Minghao Lin Baidu Security Baidu SecurityMichael DePlante @izobashi Trend Micro Zero Day InitiativeD4m0n Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsCVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 CVE-2023-6277 CVE-2023-52356 Yisumi CVE-2024-23296 Matthew Loewen Yann Gascuel Alter Solutionsw0wbox CrowdStrike Counter Adversary OperationsIES Red Team ByteDanceYeto Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal India secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/oss-sec
• source/oss-sec
• alias/CVE-2024-6387
• agent/type
• collector/launchpad-cve
• source/Launchpad
• agent/first-publish-date
• collector/bleeping-computer
• source/BleepingComputer
• alias/CVE-2006-5051
• alias/CVE-2008-4109
• collector/the-register
• source/The Register
• agent/remedy
• collector/zdnet-article
• source/ZDNet
• alias/CVE-2024-6409
• collector/msrc
• source/Microsoft
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• collector/msrc-cve
• collector/epss-latest
• source/FIRST
• agent/epss
• collector/security-tracker-debian
• source/Debian
• agent/severity
• agent/title
• collector/usn-cve
• source/Ubuntu
• collector/fortiguard-psirt-latest
• source/FortiGuard
• collector/mitre-cve
• source/MITRE
• agent/trending
• agent/source
• collector/apple-support
• source/Apple
• alias/CVE-2024-2004
• alias/CVE-2024-2379
• alias/CVE-2024-2398
• alias/CVE-2024-2466
• alias/CVE-2024-40827
• alias/CVE-2024-44141
• alias/CVE-2024-40815
• alias/CVE-2024-40795
• alias/CVE-2023-6277
• alias/CVE-2023-52356
• alias/CVE-2024-40806
• alias/CVE-2024-40777
• alias/CVE-2024-40784
• alias/CVE-2024-40810
• alias/CVE-2024-27863
• alias/CVE-2024-40816
• alias/CVE-2024-40788
• alias/CVE-2024-40803
• alias/CVE-2024-40805
• alias/CVE-2024-40832
• alias/CVE-2024-40796
• alias/CVE-2024-40781
• alias/CVE-2024-40802
• alias/CVE-2024-40823
• alias/CVE-2024-27882
• alias/CVE-2024-27883
• alias/CVE-2024-40778
• alias/CVE-2024-40800
• alias/CVE-2023-27952
• alias/CVE-2024-40817
• alias/CVE-2024-40824
• alias/CVE-2024-27871
• alias/CVE-2024-27881
• alias/CVE-2024-40821
• alias/CVE-2024-40798
• alias/CVE-2024-27872
• alias/CVE-2024-27862
• alias/CVE-2024-40833
• alias/CVE-2024-40835
• alias/CVE-2024-40836
• alias/CVE-2024-40807
• alias/CVE-2024-40834
• alias/CVE-2024-40809
• alias/CVE-2024-40812
• alias/CVE-2024-40787
• alias/CVE-2024-40793
• alias/CVE-2024-40818
• alias/CVE-2024-40822
• alias/CVE-2024-44205
• alias/CVE-2024-40828
• alias/CVE-2024-40811
• alias/CVE-2024-40776
• alias/CVE-2024-40782
• alias/CVE-2024-40779
• alias/CVE-2024-40780
• alias/CVE-2024-40785
• alias/CVE-2024-40789
• alias/CVE-2024-4558
• alias/CVE-2024-40794
• alias/CVE-2024-44185
• alias/CVE-2024-44206
• alias/CVE-2024-27873
• alias/CVE-2023-38709
• alias/CVE-2024-24795
• alias/CVE-2024-27316
• alias/CVE-2024-40783
• alias/CVE-2024-40774
• alias/CVE-2024-40814
• alias/CVE-2024-40775
• alias/CVE-2024-27877
• alias/CVE-2024-27878
• alias/CVE-2024-44306
• alias/CVE-2024-44307
• alias/CVE-2024-40799
• agent/event
• agent/weakness
• agent/description
• agent/references
• agent/author
• collector/f5-advisory
• source/F5
• collector/fortiguard-psirt
• alias/CVE-2024-23296
• alias/CVE-2024-23261
• alias/CVE-2024-27826
• collector/nvd-cve
• source/NVD
• alias/CVE-2024-40786
• alias/CVE-2024-40829
• collector/nvd-api
• agent/softwarecombine
• agent/tags
• collector/redhat-bugzilla
• source/Red Hat
• agent/last-modified-date
• vendor/microsoft
• canonical/microsoft azure arc resource bridge
• package-manager/debian
• vendor/apple
• canonical/apple macos
• canonical/microsoft cbl-mariner
• vendor/f5
• canonical/f5 big-ip next (ltm)
• version/f5 big-ip next (ltm)/20.1.0
• version/f5 big-ip next (ltm)/20.2.1
• canonical/f5 big-ip next central manager
• version/f5 big-ip next central manager/20.1.0
• version/f5 big-ip next central manager/20.2.1
• canonical/f5 big-ip next
• version/f5 big-ip next/1.7.0
• version/f5 big-ip next/1.9.2
• version/f5 big-ip next/1.1.0
• version/f5 big-ip next/1.3.1
• vendor/fortinet
• canonical/fortinet fortiadc
• version/fortinet fortiadc/7.4.0
• version/fortinet fortiadc/7.4.4
• version/fortinet fortiadc/7.2.0
• version/fortinet fortiadc/7.2.6
• canonical/fortinet fortiaiops
• version/fortinet fortiaiops/2.0.0
• version/fortinet fortiaiops/2.0.1
• canonical/fortinet fortianalyzer
• version/fortinet fortianalyzer/7.4.0
• version/fortinet fortianalyzer/7.4.3
• version/fortinet fortianalyzer/7.2.0
• version/fortinet fortianalyzer/7.2.5
• version/fortinet fortianalyzer/7.0.0
• version/fortinet fortianalyzer/7.0.12
• version/fortinet fortianalyzer/6.4.0
• version/fortinet fortianalyzer/6.4.14
• version/fortinet fortianalyzer/.
• canonical/fortinet fortiauthenticator
• version/fortinet fortiauthenticator/6.6.0
• version/fortinet fortiauthenticator/6.6.1
• canonical/fortinet fortiddos-f
• version/fortinet fortiddos-f/5.7.0
• version/fortinet fortiddos-f/5.7.3
• version/fortinet fortiddos-f/7.0.0
• version/fortinet fortiddos-f/7.0.1
• canonical/fortinet fortideceptor
• version/fortinet fortideceptor/5.3.0
• version/fortinet fortideceptor/5.3.1
• version/fortinet fortideceptor/.
• canonical/fortinet fortiextender firmware
• version/fortinet fortiextender firmware/7.4.0
• version/fortinet fortiextender firmware/7.4.5
• version/fortinet fortiextender firmware/7.2.0
• version/fortinet fortiextender firmware/7.2.5
• version/fortinet fortiextender firmware/7.0.0
• version/fortinet fortiextender firmware/7.0.5
• canonical/fortinet fortilancloud
• version/fortinet fortilancloud/23
• version/fortinet fortilancloud/22
• canonical/fortinet fortimail-200d
• version/fortinet fortimail-200d/7.4.0
• version/fortinet fortimail-200d/7.4.2
• version/fortinet fortimail-200d/7.2.0
• version/fortinet fortimail-200d/7.2.6
• version/fortinet fortimail-200d/7.0.0
• version/fortinet fortimail-200d/7.0.7
• version/fortinet fortimail-200d/6.4.0
• version/fortinet fortimail-200d/6.4.8
• canonical/fortinet fortimanager
• version/fortinet fortimanager/7.4.0
• version/fortinet fortimanager/7.4.3
• version/fortinet fortimanager/7.2.0
• version/fortinet fortimanager/7.2.5
• version/fortinet fortimanager/7.0.0
• version/fortinet fortimanager/7.0.12
• version/fortinet fortimanager/6.4.0
• version/fortinet fortimanager/6.4.14
• canonical/fortinet fortimanager cloud
• version/fortinet fortimanager cloud/7.2.3
• version/fortinet fortimanager cloud/7.2.4
• version/fortinet fortimanager cloud/.
• version/fortinet fortimanager cloud/7.0.6
• version/fortinet fortimanager cloud/7.0.7
• canonical/fortinet fortinac
• version/fortinet fortinac/.
• version/fortinet fortinac/7.2.0
• version/fortinet fortinac/7.2.6
• canonical/fortinet fortirecorder 400d
• version/fortinet fortirecorder 400d/7.2.0
• version/fortinet fortirecorder 400d/7.2.1
• version/fortinet fortirecorder 400d/7.0.0
• version/fortinet fortirecorder 400d/7.0.4
• version/fortinet fortirecorder 400d/6.4.0
• version/fortinet fortirecorder 400d/6.4.5
• version/fortinet fortirecorder 400d/6.0.0
• version/fortinet fortirecorder 400d/6.0.12
• canonical/fortinet fortisandbox firmware
• version/fortinet fortisandbox firmware/4.4.0
• version/fortinet fortisandbox firmware/4.4.6
• version/fortinet fortisandbox firmware/4.2.0
• version/fortinet fortisandbox firmware/4.2.7
• version/fortinet fortisandbox firmware/4.0.0
• version/fortinet fortisandbox firmware/4.0.5
• version/fortinet fortisandbox firmware/3.2
• canonical/fortinet fortiswitch
• version/fortinet fortiswitch/7.4.0
• version/fortinet fortiswitch/7.4.3
• version/fortinet fortiswitch/7.2.0
• version/fortinet fortiswitch/7.2.8
• canonical/fortinet fortitester
• version/fortinet fortitester/7.4.0
• version/fortinet fortitester/7.4.2
• version/fortinet fortitester/7.3.0
• version/fortinet fortitester/7.3.2
• version/fortinet fortitester/7.2.0
• version/fortinet fortitester/7.2.3
• canonical/fortinet fortivoice enterprise
• version/fortinet fortivoice enterprise/7.0.0
• version/fortinet fortivoice enterprise/7.0.2
• version/fortinet fortivoice enterprise/6.4.0
• version/fortinet fortivoice enterprise/6.4.9
• canonical/fortinet fortiwlc
• version/fortinet fortiwlc/8.6.0
• version/fortinet fortiwlc/8.6.7
• canonical/fortinet fortiweb
• version/fortinet fortiweb/.
• version/fortinet fortiweb/7.4.0
• version/fortinet fortiweb/7.4.4
• version/fortinet fortiweb/7.2.0
• version/fortinet fortiweb/7.2.9
• canonical/microsoft azure kubernetes service
• canonical/macos
• vendor/openbsd
• canonical/openssh
• version/openssh/8.6
• version/openssh/4.4
• version/openssh/8.5-p1
• vendor/redhat
• canonical/red hat openshift container platform
• version/red hat openshift container platform/4.0
• canonical/red hat enterprise linux
• version/red hat enterprise linux/9.0
• canonical/red hat enterprise linux server eus
• version/red hat enterprise linux server eus/9.4
• version/red hat enterprise linux/9.0_aarch64
• canonical/red hat enterprise linux for arm64 eus
• version/red hat enterprise linux for arm64 eus/9.4_aarch64
• canonical/red hat enterprise linux for ibm z systems
• version/red hat enterprise linux for ibm z systems/9.0_s390x
• canonical/red hat enterprise linux for ibm z systems (s390x)
• version/red hat enterprise linux for ibm z systems (s390x)/9.4_s390x
• canonical/red hat enterprise linux for power, little endian
• version/red hat enterprise linux for power, little endian/9.0_ppc64le
• canonical/red hat enterprise linux for power, little endian - extended update support
• version/red hat enterprise linux for power, little endian - extended update support/9.4_ppc64le
• canonical/red hat enterprise linux server
• version/red hat enterprise linux server/9.4
• vendor/suse
• canonical/suse linux enterprise micro rancher
• version/suse linux enterprise micro rancher/6.0
• vendor/debian
• canonical/debian
• version/debian/12.0
• vendor/canonical
• canonical/ubuntu
• version/ubuntu/22.04
• version/ubuntu/22.10
• version/ubuntu/23.04
• vendor/amazon
• canonical/amazon web services linux
• vendor/netapp
• canonical/netapp e-series santricity os controller
• version/netapp e-series santricity os controller/11.0.0
• version/netapp e-series santricity os controller/11.70.2
• canonical/netapp ontap select deploy
• canonical/netapp ontap tools for vmware vsphere
• version/netapp ontap tools for vmware vsphere/9
• vendor/freebsd
• canonical/freebsd kernel
• version/freebsd kernel/13.2
• version/freebsd kernel/13.2-p1
• version/freebsd kernel/13.2-p10
• version/freebsd kernel/13.2-p11
• version/freebsd kernel/13.2-p2
• version/freebsd kernel/13.2-p3
• version/freebsd kernel/13.2-p4
• version/freebsd kernel/13.2-p5
• version/freebsd kernel/13.2-p6
• version/freebsd kernel/13.2-p7
• version/freebsd kernel/13.2-p8
• version/freebsd kernel/13.2-p9
• version/freebsd kernel/13.3
• version/freebsd kernel/13.3-p1
• version/freebsd kernel/13.3-p2
• version/freebsd kernel/13.3-p3
• version/freebsd kernel/14.0
• version/freebsd kernel/14.0-beta5
• version/freebsd kernel/14.0-p1
• version/freebsd kernel/14.0-p2
• version/freebsd kernel/14.0-p3
• version/freebsd kernel/14.0-p4
• version/freebsd kernel/14.0-p5
• version/freebsd kernel/14.0-p6
• version/freebsd kernel/14.0-p7
• version/freebsd kernel/14.0-rc3
• version/freebsd kernel/14.0-rc4-p1
• version/freebsd kernel/14.1
• version/freebsd kernel/14.1-p1
• vendor/netbsd
• canonical/netbsd current
• version/netbsd current/10.0.0
• canonical/macos ventura
• package-manager/redhat