CVE-2024-6387

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:4312	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4340	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4389	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4469	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4474	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4479	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4484	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-6387	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2294604	Third Party Advisory
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html	Exploit Third Party Advisory
https://www.openssh.com/txt/release-9.8	Release Notes Third Party Advisory
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt	Exploit Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jul/18	Mailing List
http://seclists.org/fulldisclosure/2024/Jul/19	Mailing List
http://seclists.org/fulldisclosure/2024/Jul/20	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/01/12	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/01/13	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/02/1	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/03/1	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/03/11	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/07/03/2	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/03/3	Mailing List Patch
http://www.openwall.com/lists/oss-security/2024/07/03/4	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/03/5	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/04/1	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/04/2	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/07/08/2	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/07/08/3	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/09/2	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/09/5	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/07/10/1	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/07/10/2	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/10/3	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/10/4	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/10/6	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/11/1	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/11/3	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/23/4	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/23/6	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/28/2	Mailing List
http://www.openwall.com/lists/oss-security/2024/07/28/3	Mailing List
https://access.redhat.com/errata/RHSA-2024:4312	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4340	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4389	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4469	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4474	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4479	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4484	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-6387	Third Party Advisory
https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/	Third Party Advisory
https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/	Press/Media Coverage Third Party Advisory
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server	Press/Media Coverage Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2294604	Third Party Advisory
https://explore.alas.aws.amazon.com/CVE-2024-6387.html	Third Party Advisory
https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132	Issue Tracking
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc	Release Notes
https://github.com/AlmaLinux/updates/issues/629	Issue Tracking
https://github.com/Azure/AKS/issues/4379	Issue Tracking
https://github.com/PowerShell/Win32-OpenSSH/discussions/2248	Issue Tracking
https://github.com/PowerShell/Win32-OpenSSH/issues/2249	Issue Tracking
https://github.com/microsoft/azurelinux/issues/9555	Issue Tracking
https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09	Patch
https://github.com/oracle/oracle-linux/issues/149	Issue Tracking
https://github.com/rapier1/hpn-ssh/issues/87	Issue Tracking
https://github.com/zgzhang/cve-2024-6387-poc	Third Party Advisory
https://lists.almalinux.org/archives/list/[email protected]/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/	Third Party Advisory
https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html	Mailing List Release Notes
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html	Mailing List Patch
https://news.ycombinator.com/item?id=40843778	Issue Tracking Patch
https://packetstorm.news/files/id/190587/	Broken Link
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010	Third Party Advisory
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html	Exploit Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2024-6387	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240701-0001/	Third Party Advisory
https://sig-security.rocky.page/issues/CVE-2024-6387/	Third Party Advisory
https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/	Press/Media Coverage Third Party Advisory
https://support.apple.com/kb/HT214118	Third Party Advisory
https://support.apple.com/kb/HT214119	Third Party Advisory
https://support.apple.com/kb/HT214120	Third Party Advisory
https://ubuntu.com/security/CVE-2024-6387	Third Party Advisory
https://ubuntu.com/security/notices/USN-6859-1	Third Party Advisory
https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do	Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100	Third Party Advisory
https://www.exploit-db.com/exploits/52269	Exploit
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc	Third Party Advisory
https://www.openssh.com/txt/release-9.8	Release Notes Third Party Advisory
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt	Exploit Third Party Advisory
https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html	Third Party Advisory
https://www.suse.com/security/cve/CVE-2024-6387.html	Third Party Advisory
https://www.theregister.com/2024/07/01/regresshion_openssh/	Press/Media Coverage Third Party Advisory
https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:23.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:24.04::::lts:::

Configuration 5 (hide)

cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 32 (hide)

OR	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

Configuration 33 (hide)

OR	cpe:2.3:a:openbsd:openssh::::::::
	cpe:2.3:a:openbsd:openssh::::::::
	cpe:2.3:a:openbsd:openssh:4.4:-::::::
	cpe:2.3:a:openbsd:openssh:8.5:p1::::::
	cpe:2.3:a:openbsd:openssh:8.6:-::::::

Configuration 34 (hide)

OR	cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:::::::*

Configuration 35 (hide)

cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*

Configuration 36 (hide)

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Configuration 37 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:22.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:22.10::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:23.04::::lts:::

Configuration 38 (hide)

cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*

Configuration 39 (hide)

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
	cpe:2.3:a:netapp:ontap:9:::::::*
	cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:::::::*
	cpe:2.3:a:netapp:ontap_tools:9:::::vmware_vsphere::
	cpe:2.3:a:netapp:ontap_tools:10:::::vmware_vsphere::

Configuration 40 (hide)

OR	cpe:2.3:o:freebsd:freebsd:13.2:-::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p10::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p11::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p3::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p4::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p5::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p6::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p7::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p8::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p9::::::
	cpe:2.3:o:freebsd:freebsd:13.3:-::::::
	cpe:2.3:o:freebsd:freebsd:13.3:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.3:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.3:p3::::::
	cpe:2.3:o:freebsd:freebsd:14.0:-::::::
	cpe:2.3:o:freebsd:freebsd:14.0:beta5::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p1::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p2::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p3::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p4::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p5::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p6::::::
	cpe:2.3:o:freebsd:freebsd:14.0:p7::::::
	cpe:2.3:o:freebsd:freebsd:14.0:rc3::::::
	cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1::::::
	cpe:2.3:o:freebsd:freebsd:14.1:-::::::
	cpe:2.3:o:freebsd:freebsd:14.1:p1::::::

Configuration 41 (hide)

cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-07-01 13:15

Updated : 2025-09-30 13:52

NVD link : CVE-2024-6387

Mitre link : CVE-2024-6387

CVE.ORG link : CVE-2024-6387

JSON object : View

Products Affected

netapp

8300
a9500
c190_firmware
a250
a220
a250_firmware
a900_firmware
a900
a9500_firmware
fas2750
c800_firmware
fas2750_firmware
a800
ontap
a70
active_iq_unified_manager
a220_firmware
a700s
a400_firmware
8700_firmware
e-series_santricity_os_controller
c400
c250
a150
a1k_firmware
a90
a400
a700s_firmware
a90_firmware
c250_firmware
a70_firmware
bootstrap_os
a800_firmware
500f
8700
fas2820
8300_firmware
a150_firmware
fas2820_firmware
ontap_select_deploy_administration_utility
a1k
500f_firmware
c190
fas2720_firmware
c400_firmware
hci_compute_node
ontap_tools
c800
fas2720

sonicwall

sma_7210_firmware
sma_6200
sma_6210
sma_6210_firmware
sma_6200_firmware
sma_7200
sra_ex_7000
sma_7200_firmware
sra_ex_7000_firmware
sma_8200v
sma_8200v_firmware
sma_7210

netbsd

netbsd

amazon

amazon_linux

redhat

enterprise_linux_eus
openshift_container_platform
enterprise_linux_for_power_little_endian_eus
enterprise_linux_for_arm_64_eus
enterprise_linux_server_aus
enterprise_linux_for_ibm_z_systems
enterprise_linux
enterprise_linux_for_power_little_endian
enterprise_linux_for_arm_64
enterprise_linux_for_ibm_z_systems_eus

suse

linux_enterprise_micro

canonical

ubuntu_linux

openbsd

openssh

apple

macos

freebsd

freebsd

debian

debian_linux

arista

almalinux

almalinux

CWE

CWE-364

Signal Handler Race Condition

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

8.1 /10