CVE-2024-6387

Updated: 2024-07-18 20:44:29.614448

Description:

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 8.1

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU openssh 8.7p1 8.1 HIGH Released CLSA-2024:1720093829 2024-07-04 10:10:11
AlmaLinux 9.2 ESU httpd 2.4.53 8.1 HIGH Not Vulnerable 2024-07-18 14:23:23
CentOS 6 ELS openssh 5.3p1 8.1 HIGH Not Vulnerable 2024-07-02 17:22:58
CentOS 6 ELS httpd 2.2.15 8.1 HIGH Not Vulnerable 2024-07-18 14:23:22
CentOS 7 ELS openssh 7.4p1 8.1 HIGH Not Vulnerable 2024-07-02 17:22:58
CentOS 7 ELS httpd 2.4.6 8.1 HIGH Not Vulnerable 2024-07-18 14:23:23
CentOS 8.4 ELS openssh 8.0p1-6 8.1 HIGH Not Vulnerable 2024-07-02 17:22:58
CentOS 8.4 ELS httpd 2.4.37 8.1 HIGH Not Vulnerable 2024-07-18 14:23:23
CentOS 8.5 ELS httpd 2.4.37 8.1 HIGH Not Vulnerable 2024-07-18 14:23:22
CentOS 8.5 ELS openssh 8.0p1-10 8.1 HIGH Not Vulnerable 2024-07-02 17:22:58
Total: 18