FG-IR-24-258: OpenSSH regreSSHion Attack (CVE-2024-6387)
First published: Fri Oct 11 2024(Updated: )
CVE-2024-6387 A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). This could lead to remote code execution with root privileges.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiADC | >=7.4.0<=7.4.4 | |
| Fortinet FortiADC | >=7.2.0<=7.2.6 | |
| Fortinet FortiAIOps | >=2.0.0<=2.0.1 | |
| Fortinet FortiAnalyzer | >=7.4.0<=7.4.3 | |
| Fortinet FortiAnalyzer | >=7.2.0<=7.2.5 | |
| Fortinet FortiAnalyzer | >=7.0.0<=7.0.12 | |
| Fortinet FortiAnalyzer | >=6.4.0<=6.4.14 | |
| Fortinet FortiAnalyzer | =. | |
| Fortinet FortiAuthenticator | >=6.6.0<=6.6.1 | |
| Fortinet FortiDDoS-F | >=5.7.0<=5.7.3 | |
| Fortinet FortiDDoS-F | >=7.0.0<=7.0.1 | |
| Fortinet FortiDeceptor | >=5.3.0<=5.3.1 | |
| Fortinet FortiDeceptor | =. | |
| Fortinet FortiExtender Firmware | >=7.4.0<=7.4.5 | |
| Fortinet FortiExtender Firmware | >=7.2.0<=7.2.5 | |
| Fortinet FortiExtender Firmware | >=7.0.0<=7.0.5 | |
| Fortinet FortiLANCloud | >=23 | |
| Fortinet FortiLANCloud | >=22 | |
| Fortinet Fortimail-200d | >=7.4.0<=7.4.2 | |
| Fortinet Fortimail-200d | >=7.2.0<=7.2.6 | |
| Fortinet Fortimail-200d | >=7.0.0<=7.0.7 | |
| Fortinet Fortimail-200d | >=6.4.0<=6.4.8 | |
| Fortinet FortiManager | >=7.4.0<=7.4.3 | |
| Fortinet FortiManager | >=7.2.0<=7.2.5 | |
| Fortinet FortiManager | >=7.0.0<=7.0.12 | |
| Fortinet FortiManager | >=6.4.0<=6.4.14 | |
| Fortinet FortiManager Cloud | >=7.2.3<=7.2.4 | |
| Fortinet FortiManager Cloud | =. | |
| Fortinet FortiManager Cloud | =. | |
| Fortinet FortiManager Cloud | >=7.0.6<=7.0.7 | |
| Fortinet FortiNAC | =. | |
| Fortinet FortiNAC | >=7.2.0<=7.2.6 | |
| Fortinet FortiRecorder 400D | >=7.2.0<=7.2.1 | |
| Fortinet FortiRecorder 400D | >=7.0.0<=7.0.4 | |
| Fortinet FortiRecorder 400D | >=6.4.0<=6.4.5 | |
| Fortinet FortiRecorder 400D | >=6.0.0<=6.0.12 | |
| Fortinet FortiSandbox Firmware | >=4.4.0<=4.4.6 | |
| Fortinet FortiSandbox Firmware | >=4.2.0<=4.2.7 | |
| Fortinet FortiSandbox Firmware | >=4.0.0<=4.0.5 | |
| Fortinet FortiSandbox Firmware | >=3.2 | |
| Fortinet FortiSwitch | >=7.4.0<=7.4.3 | |
| Fortinet FortiSwitch | >=7.2.0<=7.2.8 | |
| Fortinet FortiTester | >=7.4.0<=7.4.2 | |
| Fortinet FortiTester | >=7.3.0<=7.3.2 | |
| Fortinet FortiTester | >=7.2.0<=7.2.3 | |
| Fortinet FortiVoice Enterprise | >=7.0.0<=7.0.2 | |
| Fortinet FortiVoice Enterprise | >=6.4.0<=6.4.9 | |
| Fortinet FortiWLC | >=8.6.0<=8.6.7 | |
| Fortinet FortiWeb | =. | |
| Fortinet FortiWeb | >=7.4.0<=7.4.4 | |
| Fortinet FortiWeb | >=7.2.0<=7.2.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of FG-IR-24-258?
The severity of FG-IR-24-258 is considered high due to the potential for unauthorized access if exploited.
How do I fix FG-IR-24-258?
To fix FG-IR-24-258, upgrade your affected Fortinet products to the recommended version specified in the advisory.
Which Fortinet products are affected by FG-IR-24-258?
FG-IR-24-258 affects multiple Fortinet products including FortiADC, FortiAnalyzer, FortiMail, and FortiWeb among others.
What versions are vulnerable to FG-IR-24-258?
Versions prior to the remediation versions listed in FG-IR-24-258 for each affected Fortinet product are vulnerable.
Is a patch available for FG-IR-24-258?
Yes, patches are available for FG-IR-24-258 as per the recommended upgrades in the advisory.
- agent/type
- agent/title
- agent/weakness
- agent/severity
- agent/description
- agent/references
- agent/first-publish-date
- agent/last-modified-date
- collector/fortiguard-psirt-latest
- source/FortiGuard
- alias/CVE-2024-6387
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/fortiguard-psirt
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/fortinet
- canonical/fortinet fortiadc
- version/fortinet fortiadc/7.4.0
- version/fortinet fortiadc/7.4.4
- version/fortinet fortiadc/7.2.0
- version/fortinet fortiadc/7.2.6
- canonical/fortinet fortiaiops
- version/fortinet fortiaiops/2.0.0
- version/fortinet fortiaiops/2.0.1
- canonical/fortinet fortianalyzer
- version/fortinet fortianalyzer/7.4.0
- version/fortinet fortianalyzer/7.4.3
- version/fortinet fortianalyzer/7.2.0
- version/fortinet fortianalyzer/7.2.5
- version/fortinet fortianalyzer/7.0.0
- version/fortinet fortianalyzer/7.0.12
- version/fortinet fortianalyzer/6.4.0
- version/fortinet fortianalyzer/6.4.14
- version/fortinet fortianalyzer/.
- canonical/fortinet fortiauthenticator
- version/fortinet fortiauthenticator/6.6.0
- version/fortinet fortiauthenticator/6.6.1
- canonical/fortinet fortiddos-f
- version/fortinet fortiddos-f/5.7.0
- version/fortinet fortiddos-f/5.7.3
- version/fortinet fortiddos-f/7.0.0
- version/fortinet fortiddos-f/7.0.1
- canonical/fortinet fortideceptor
- version/fortinet fortideceptor/5.3.0
- version/fortinet fortideceptor/5.3.1
- version/fortinet fortideceptor/.
- canonical/fortinet fortiextender firmware
- version/fortinet fortiextender firmware/7.4.0
- version/fortinet fortiextender firmware/7.4.5
- version/fortinet fortiextender firmware/7.2.0
- version/fortinet fortiextender firmware/7.2.5
- version/fortinet fortiextender firmware/7.0.0
- version/fortinet fortiextender firmware/7.0.5
- canonical/fortinet fortilancloud
- version/fortinet fortilancloud/23
- version/fortinet fortilancloud/22
- canonical/fortinet fortimail-200d
- version/fortinet fortimail-200d/7.4.0
- version/fortinet fortimail-200d/7.4.2
- version/fortinet fortimail-200d/7.2.0
- version/fortinet fortimail-200d/7.2.6
- version/fortinet fortimail-200d/7.0.0
- version/fortinet fortimail-200d/7.0.7
- version/fortinet fortimail-200d/6.4.0
- version/fortinet fortimail-200d/6.4.8
- canonical/fortinet fortimanager
- version/fortinet fortimanager/7.4.0
- version/fortinet fortimanager/7.4.3
- version/fortinet fortimanager/7.2.0
- version/fortinet fortimanager/7.2.5
- version/fortinet fortimanager/7.0.0
- version/fortinet fortimanager/7.0.12
- version/fortinet fortimanager/6.4.0
- version/fortinet fortimanager/6.4.14
- canonical/fortinet fortimanager cloud
- version/fortinet fortimanager cloud/7.2.3
- version/fortinet fortimanager cloud/7.2.4
- version/fortinet fortimanager cloud/.
- version/fortinet fortimanager cloud/7.0.6
- version/fortinet fortimanager cloud/7.0.7
- canonical/fortinet fortinac
- version/fortinet fortinac/.
- version/fortinet fortinac/7.2.0
- version/fortinet fortinac/7.2.6
- canonical/fortinet fortirecorder 400d
- version/fortinet fortirecorder 400d/7.2.0
- version/fortinet fortirecorder 400d/7.2.1
- version/fortinet fortirecorder 400d/7.0.0
- version/fortinet fortirecorder 400d/7.0.4
- version/fortinet fortirecorder 400d/6.4.0
- version/fortinet fortirecorder 400d/6.4.5
- version/fortinet fortirecorder 400d/6.0.0
- version/fortinet fortirecorder 400d/6.0.12
- canonical/fortinet fortisandbox firmware
- version/fortinet fortisandbox firmware/4.4.0
- version/fortinet fortisandbox firmware/4.4.6
- version/fortinet fortisandbox firmware/4.2.0
- version/fortinet fortisandbox firmware/4.2.7
- version/fortinet fortisandbox firmware/4.0.0
- version/fortinet fortisandbox firmware/4.0.5
- version/fortinet fortisandbox firmware/3.2
- canonical/fortinet fortiswitch
- version/fortinet fortiswitch/7.4.0
- version/fortinet fortiswitch/7.4.3
- version/fortinet fortiswitch/7.2.0
- version/fortinet fortiswitch/7.2.8
- canonical/fortinet fortitester
- version/fortinet fortitester/7.4.0
- version/fortinet fortitester/7.4.2
- version/fortinet fortitester/7.3.0
- version/fortinet fortitester/7.3.2
- version/fortinet fortitester/7.2.0
- version/fortinet fortitester/7.2.3
- canonical/fortinet fortivoice enterprise
- version/fortinet fortivoice enterprise/7.0.0
- version/fortinet fortivoice enterprise/7.0.2
- version/fortinet fortivoice enterprise/6.4.0
- version/fortinet fortivoice enterprise/6.4.9
- canonical/fortinet fortiwlc
- version/fortinet fortiwlc/8.6.0
- version/fortinet fortiwlc/8.6.7
- canonical/fortinet fortiweb
- version/fortinet fortiweb/.
- version/fortinet fortiweb/7.4.0
- version/fortinet fortiweb/7.4.4
- version/fortinet fortiweb/7.2.0
- version/fortinet fortiweb/7.2.9