by @Smartkeyss
23 Jul 2024

RegreSSHion: An OpenSSH Regression error (CVE-2024-6387)

by @Smartkeyss
23 Jul 2024

RegreSSHion: An OpenSSH Regression error (CVE-2024-6387)

CVEs

8.1 High Severity

Screenshots from the blog posts

images/clyxureod0qai1gn9f1gc0tn5.pngimages/clyxureod0qai1gn9f1gc0tn5.png

Summary

CVE-2024-6387 is a regression of CVE-2006-5051 in OpenSSH's `sshd`, causing a race condition that mishandles signals. An unauthenticated attacker can exploit this by failing to authenticate within a set time. Users should update OpenSSH or set `LoginGraceTime` to zero.

Description

users/photos/clsevlral8gef1hon15grbvup.jpg

@Smartkeyss

59 posts

I am just curious 😊 I use simple words to explain complicated things.

Total vcoins

98.4K

Comments (0)