CVE/CVE-2024-6387: Difference between revisions
< CVE
(Created page with "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. https://www.cvedetails.com/cve/CVE-2024-6387/") |
No edit summary |
||
| Line 1: | Line 1: | ||
== openssh vulnerability == | |||
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | ||
https://www.cvedetails.com/cve/CVE-2024-6387/ | https://www.cvedetails.com/cve/CVE-2024-6387/ | ||
--- | |||
https://ubuntu.com/security/CVE-2024-6387 | |||
: A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | |||
Published: 1 July 2024 | |||
14 - trusty Not vulnerable (introduced in v8.5p1) | |||
16 - xenial Not vulnerable (introduced in v8.5p1) | |||
18 - bionic Not vulnerable (introduced in v8.5p1) | |||
20 - focal Not vulnerable (introduced in v8.5p1) | |||
22 - jammy Released (1:8.9p1-3ubuntu0.10) | |||
24 - noble Released (1:9.6p1-3ubuntu13.3) | |||
--- | |||
Notice: | |||
https://ubuntu.com/security/notices/USN-6859-1 | |||
Update to: | |||
Ubuntu 24.04 | |||
openssh-client - 1:9.6p1-3ubuntu13.3 | |||
openssh-server - 1:9.6p1-3ubuntu13.3 | |||
Ubuntu 23.10 | |||
openssh-client - 1:9.3p1-1ubuntu3.6 | |||
openssh-server - 1:9.3p1-1ubuntu3.6 | |||
Ubuntu 22.04 | |||
openssh-client - 1:8.9p1-3ubuntu0.10 | |||
openssh-server - 1:8.9p1-3ubuntu0.10 | |||
Revision as of 02:26, 4 July 2024
openssh vulnerability
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
https://www.cvedetails.com/cve/CVE-2024-6387/
---
https://ubuntu.com/security/CVE-2024-6387
- A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Published: 1 July 2024
14 - trusty Not vulnerable (introduced in v8.5p1) 16 - xenial Not vulnerable (introduced in v8.5p1) 18 - bionic Not vulnerable (introduced in v8.5p1) 20 - focal Not vulnerable (introduced in v8.5p1) 22 - jammy Released (1:8.9p1-3ubuntu0.10) 24 - noble Released (1:9.6p1-3ubuntu13.3)
---
Notice:
https://ubuntu.com/security/notices/USN-6859-1
Update to:
Ubuntu 24.04 openssh-client - 1:9.6p1-3ubuntu13.3 openssh-server - 1:9.6p1-3ubuntu13.3
Ubuntu 23.10 openssh-client - 1:9.3p1-1ubuntu3.6 openssh-server - 1:9.3p1-1ubuntu3.6
Ubuntu 22.04 openssh-client - 1:8.9p1-3ubuntu0.10 openssh-server - 1:8.9p1-3ubuntu0.10