CVE-2024-6409: Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9
First published: Mon Jul 01 2024(Updated: )
A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP Next SPK | >=1.7.0<=1.9.2 | |
| F5 BIG-IP Next CNF | >=1.1.0<=1.3.1 | |
| debian/openssh | 1:8.4p1-5+deb11u3 1:9.2p1-2+deb12u3 1:9.8p1-8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.theregister.com/2024/07/11/openssh_bug_in_rhel_9/
- https://my.f5.com/manage/s/article/K000140975
- https://www.openwall.com/lists/oss-security/2024/07/08/2
- https://security-tracker.debian.org/tracker/CVE-2024-6409
- https://access.redhat.com/errata/RHSA-2024:4457
- https://access.redhat.com/errata/RHSA-2024:4613
- https://access.redhat.com/errata/RHSA-2024:4716
- https://access.redhat.com/errata/RHSA-2024:4910
- https://access.redhat.com/errata/RHSA-2024:4955
- https://access.redhat.com/errata/RHSA-2024:4960
- https://access.redhat.com/errata/RHSA-2024:5444
- https://access.redhat.com/security/cve/CVE-2024-6409
- https://bugzilla.redhat.com/show_bug.cgi?id=2295085
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6409
- https://nvd.nist.gov/vuln/detail/CVE-2024-6409
- https://launchpad.net/bugs/cve/CVE-2024-6409
- https://ubuntu.com/security/CVE-2024-6409
- https://access.redhat.com/security/cve/CVE-2024-6387
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2295085#c15
- https://mapquest-directions.org
- agent/weakness
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- collector/the-register
- source/The Register
- alias/CVE-2024-6409
- alias/CVE-2024-6387
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/f5-advisory
- source/F5
- agent/software-canonical-lookup
- agent/severity
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-cve
- agent/references
- agent/tags
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- agent/last-modified-date
- agent/trending
- vendor/f5
- canonical/f5 big-ip next spk
- version/f5 big-ip next spk/1.7.0
- version/f5 big-ip next spk/1.9.2
- canonical/f5 big-ip next cnf
- version/f5 big-ip next cnf/1.1.0
- version/f5 big-ip next cnf/1.3.1
- package-manager/debian