A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.39428.

Exploitation poc

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
unaffected
Version Status Constraints
8.5p1 affected ≤ 9.7p1
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
0:8.7p1-38.el9_4.1 unaffected < *
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
0:8.7p1-38.el9_4.1 unaffected < *
Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions affected
Version Status Constraints
0:8.7p1-12.el9_0.1 unaffected < *
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support affected
Version Status Constraints
0:8.7p1-30.el9_2.4 unaffected < *
Red Hat Red Hat OpenShift Container Platform 4.13 affected
Version Status Constraints
413.92.202407091321-0 unaffected < *
Red Hat Red Hat OpenShift Container Platform 4.14 affected
Version Status Constraints
414.92.202407091253-0 unaffected < *
Red Hat Red Hat OpenShift Container Platform 4.15 affected
Version Status Constraints
415.92.202407091355-0 unaffected < *
Red Hat Red Hat OpenShift Container Platform 4.16 affected
Version Status Constraints
416.94.202407081958-0 unaffected < *
Red Hat Red Hat Ceph Storage 5 unaffected
Red Hat Red Hat Ceph Storage 6 unaffected
Red Hat Red Hat Ceph Storage 7 unaffected
Red Hat Red Hat Enterprise Linux 10 unaffected
Red Hat Red Hat Enterprise Linux 6 unaffected
Red Hat Red Hat Enterprise Linux 7 unaffected
Red Hat Red Hat Enterprise Linux 8 unaffected

Configuration 1 [-]

AND
cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*

Configuration 5 [-]

cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 32 [-]

OR cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Configuration 33 [-]

OR cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:*

Configuration 34 [-]

OR cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*

Configuration 35 [-]

cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*

Configuration 36 [-]

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Configuration 37 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*

Configuration 38 [-]

cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*

Configuration 39 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*

Configuration 40 [-]

OR cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*

Configuration 41 [-]

cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 9
openssh-0:8.7p1-38.el9_4.1 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4312 2024-07-03T00:00:00Z
openssh-0:8.7p1-38.el9_4.1 cpe:/o:redhat:enterprise_linux:9 RHSA-2024:4312 2024-07-03T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
openssh-0:8.7p1-12.el9_0.1 cpe:/a:redhat:rhel_e4s:9.0 RHSA-2024:4389 2024-07-08T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
openssh-0:8.7p1-30.el9_2.4 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:4340 2024-07-05T00:00:00Z
Red Hat OpenShift Container Platform 4.13
rhcos-413.92.202407091321-0 cpe:/a:redhat:openshift:4.13::el9 RHSA-2024:4484 2024-07-17T00:00:00Z
Red Hat OpenShift Container Platform 4.14
rhcos-414.92.202407091253-0 cpe:/a:redhat:openshift:4.14::el9 RHSA-2024:4479 2024-07-17T00:00:00Z
Red Hat OpenShift Container Platform 4.15
rhcos-415.92.202407091355-0 cpe:/a:redhat:openshift:4.15::el9 RHSA-2024:4474 2024-07-18T00:00:00Z
Red Hat OpenShift Container Platform 4.16
rhcos-416.94.202407081958-0 cpe:/a:redhat:openshift:4.16::el9 RHSA-2024:4469 2024-07-16T00:00:00Z

No data.

Project Subscriptions

Vendors Products
Almalinux Subscribe
Almalinux Subscribe
Amazon Subscribe
Amazon Linux Subscribe
Apple Subscribe
Macos Subscribe
Arista Subscribe
Eos Subscribe
Canonical Subscribe
Ubuntu Linux Subscribe
Debian Subscribe
Debian Linux Subscribe
Freebsd Subscribe
Freebsd Subscribe
Netapp Subscribe
500f Subscribe
500f Firmware Subscribe
8300 Subscribe
8300 Firmware Subscribe
8700 Subscribe
8700 Firmware Subscribe
A150 Subscribe
A150 Firmware Subscribe
A1k Subscribe
A1k Firmware Subscribe
A220 Subscribe
A220 Firmware Subscribe
A250 Subscribe
A250 Firmware Subscribe
A400 Subscribe
A400 Firmware Subscribe
A70 Subscribe
A700s Subscribe
A700s Firmware Subscribe
A70 Firmware Subscribe
A800 Subscribe
A800 Firmware Subscribe
A90 Subscribe
A900 Subscribe
A900 Firmware Subscribe
A90 Firmware Subscribe
A9500 Subscribe
A9500 Firmware Subscribe
Active Iq Unified Manager Subscribe
Bootstrap Os Subscribe
C190 Subscribe
C190 Firmware Subscribe
C250 Subscribe
C250 Firmware Subscribe
C400 Subscribe
C400 Firmware Subscribe
C800 Subscribe
C800 Firmware Subscribe
E-series Santricity Os Controller Subscribe
Fas2720 Subscribe
Fas2720 Firmware Subscribe
Fas2750 Subscribe
Fas2750 Firmware Subscribe
Fas2820 Subscribe
Fas2820 Firmware Subscribe
Hci Compute Node Subscribe
Ontap Subscribe
Ontap Select Deploy Administration Utility Subscribe
Ontap Tools Subscribe
Netbsd Subscribe
Netbsd Subscribe
Openbsd Subscribe
Openssh Subscribe
Redhat Subscribe
Ceph Storage Subscribe
Enterprise Linux Subscribe
Enterprise Linux Eus Subscribe
Enterprise Linux For Arm 64 Subscribe
Enterprise Linux For Arm 64 Eus Subscribe
Enterprise Linux For Ibm Z Systems Subscribe
Enterprise Linux For Ibm Z Systems Eus Subscribe
Enterprise Linux For Power Little Endian Subscribe
Enterprise Linux For Power Little Endian Eus Subscribe
Enterprise Linux Server Aus Subscribe
Openshift Subscribe
Openshift Container Platform Subscribe
Rhel E4s Subscribe
Rhel Eus Subscribe
Sonicwall Subscribe
Sma 6200 Subscribe
Sma 6200 Firmware Subscribe
Sma 6210 Subscribe
Sma 6210 Firmware Subscribe
Sma 7200 Subscribe
Sma 7200 Firmware Subscribe
Sma 7210 Subscribe
Sma 7210 Firmware Subscribe
Sma 8200v Subscribe
Sma 8200v Firmware Subscribe
Sra Ex 7000 Subscribe
Sra Ex 7000 Firmware Subscribe
Suse Subscribe
Linux Enterprise Micro Subscribe
Advisories
Source ID Title
Debian DSA Debian DSA DSA-5724-1 openssh security update
Ubuntu USN Ubuntu USN USN-6859-1 OpenSSH vulnerability
Fixes

Solution

No solution given by the vendor.

Workaround

The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections. 1) As root user, open the /etc/ssh/sshd_config 2) Add or edit the parameter configuration: ~~~ LoginGraceTime 0 ~~~ 3) Save and close the file 4) Restart the sshd daemon: ~~~ systemctl restart sshd.service ~~~ Setting LoginGraceTime to 0 disables the SSHD server's ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like 'fail2ban' alongside a firewall to monitor log files and manage connections appropriately. If any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.

References
Link Providers
http://seclists.org/fulldisclosure/2024/Jul/18 cve-icon
http://seclists.org/fulldisclosure/2024/Jul/19 cve-icon
http://seclists.org/fulldisclosure/2024/Jul/20 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/01/12 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/01/13 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/02/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/11 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/4 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/5 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/04/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/04/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/08/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/08/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/09/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/09/5 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/4 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/6 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/11/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/11/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/23/4 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/23/6 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/28/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/28/3 cve-icon
https://access.redhat.com/errata/RHSA-2024:4312 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4340 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4389 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4469 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4474 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4479 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4484 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-6387 cve-icon cve-icon
https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/ cve-icon
https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/ cve-icon
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2294604 cve-icon cve-icon
https://explore.alas.aws.amazon.com/CVE-2024-6387.html cve-icon
https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132 cve-icon
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc cve-icon
https://github.com/AlmaLinux/updates/issues/629 cve-icon
https://github.com/Azure/AKS/issues/4379 cve-icon
https://github.com/PowerShell/Win32-OpenSSH/discussions/2248 cve-icon
https://github.com/PowerShell/Win32-OpenSSH/issues/2249 cve-icon
https://github.com/microsoft/azurelinux/issues/9555 cve-icon
https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09 cve-icon
https://github.com/oracle/oracle-linux/issues/149 cve-icon
https://github.com/rapier1/hpn-ssh/issues/87 cve-icon
https://github.com/zgzhang/cve-2024-6387-poc cve-icon
https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/ cve-icon
https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html cve-icon
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html cve-icon
https://news.ycombinator.com/item?id=40843778 cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-6387 cve-icon
https://packetstorm.news/files/id/190587/ cve-icon
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010 cve-icon
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html cve-icon cve-icon cve-icon
https://security-tracker.debian.org/tracker/CVE-2024-6387 cve-icon
https://security.netapp.com/advisory/ntap-20240701-0001/ cve-icon
https://sig-security.rocky.page/issues/CVE-2024-6387/ cve-icon
https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/ cve-icon
https://support.apple.com/kb/HT214118 cve-icon
https://support.apple.com/kb/HT214119 cve-icon
https://support.apple.com/kb/HT214120 cve-icon
https://ubuntu.com/security/CVE-2024-6387 cve-icon
https://ubuntu.com/security/notices/USN-6859-1 cve-icon
https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do cve-icon
https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-6387 cve-icon
https://www.exploit-db.com/exploits/52269 cve-icon
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc cve-icon
https://www.openssh.com/txt/release-9.8 cve-icon cve-icon cve-icon
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt cve-icon cve-icon cve-icon
https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html cve-icon
https://www.suse.com/security/cve/CVE-2024-6387.html cve-icon
https://www.theregister.com/2024/07/01/regresshion_openssh/ cve-icon
https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387 cve-icon
History

Tue, 30 Sep 2025 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Almalinux
Almalinux almalinux
Amazon amazon Linux
Apple
Apple macos
Arista
Arista eos
Netapp 500f
Netapp 500f Firmware
Netapp 8300
Netapp 8300 Firmware
Netapp 8700
Netapp 8700 Firmware
Netapp a150
Netapp a150 Firmware
Netapp a1k
Netapp a1k Firmware
Netapp a220
Netapp a220 Firmware
Netapp a250
Netapp a250 Firmware
Netapp a400
Netapp a400 Firmware
Netapp a70
Netapp a700s
Netapp a700s Firmware
Netapp a70 Firmware
Netapp a800
Netapp a800 Firmware
Netapp a90
Netapp a900
Netapp a900 Firmware
Netapp a90 Firmware
Netapp a9500
Netapp a9500 Firmware
Netapp active Iq Unified Manager
Netapp bootstrap Os
Netapp c190
Netapp c190 Firmware
Netapp c250
Netapp c250 Firmware
Netapp c400
Netapp c400 Firmware
Netapp c800
Netapp c800 Firmware
Netapp fas2720
Netapp fas2720 Firmware
Netapp fas2750
Netapp fas2750 Firmware
Netapp fas2820
Netapp fas2820 Firmware
Netapp hci Compute Node
Netapp ontap
Sonicwall
Sonicwall sma 6200
Sonicwall sma 6200 Firmware
Sonicwall sma 6210
Sonicwall sma 6210 Firmware
Sonicwall sma 7200
Sonicwall sma 7200 Firmware
Sonicwall sma 7210
Sonicwall sma 7210 Firmware
Sonicwall sma 8200v
Sonicwall sma 8200v Firmware
Sonicwall sra Ex 7000
Sonicwall sra Ex 7000 Firmware
CPEs cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*
cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*
Vendors & Products Amazon linux 2023
Almalinux
Almalinux almalinux
Amazon amazon Linux
Apple
Apple macos
Arista
Arista eos
Netapp 500f
Netapp 500f Firmware
Netapp 8300
Netapp 8300 Firmware
Netapp 8700
Netapp 8700 Firmware
Netapp a150
Netapp a150 Firmware
Netapp a1k
Netapp a1k Firmware
Netapp a220
Netapp a220 Firmware
Netapp a250
Netapp a250 Firmware
Netapp a400
Netapp a400 Firmware
Netapp a70
Netapp a700s
Netapp a700s Firmware
Netapp a70 Firmware
Netapp a800
Netapp a800 Firmware
Netapp a90
Netapp a900
Netapp a900 Firmware
Netapp a90 Firmware
Netapp a9500
Netapp a9500 Firmware
Netapp active Iq Unified Manager
Netapp bootstrap Os
Netapp c190
Netapp c190 Firmware
Netapp c250
Netapp c250 Firmware
Netapp c400
Netapp c400 Firmware
Netapp c800
Netapp c800 Firmware
Netapp fas2720
Netapp fas2720 Firmware
Netapp fas2750
Netapp fas2750 Firmware
Netapp fas2820
Netapp fas2820 Firmware
Netapp hci Compute Node
Netapp ontap
Sonicwall
Sonicwall sma 6200
Sonicwall sma 6200 Firmware
Sonicwall sma 6210
Sonicwall sma 6210 Firmware
Sonicwall sma 7200
Sonicwall sma 7200 Firmware
Sonicwall sma 7210
Sonicwall sma 7210 Firmware
Sonicwall sma 8200v
Sonicwall sma 8200v Firmware
Sonicwall sra Ex 7000
Sonicwall sra Ex 7000 Firmware

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.55627}

 epss

{'score': 0.63456}

Wed, 21 May 2025 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10

Thu, 24 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
References

Sun, 24 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 19 Aug 2024 08:30:00 +0000

Type Values Removed Values Added
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-12-11T06:17:03.387Z

Reserved: 2024-06-27T13:41:03.421Z

Link: CVE-2024-6387

cve-icon Vulnrichment

Updated: 2025-04-24T18:35:27.934Z

cve-icon NVD

Status : Analyzed

Published: 2024-07-01T13:15:06.467

Modified: 2025-09-30T13:52:23.540

Link: CVE-2024-6387

cve-icon Redhat

Severity : Important

Publid Date: 2024-07-01T08:00:00Z

Links: CVE-2024-6387 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses