Description
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| unaffected |
|
||||||||
| Red Hat | Red Hat Enterprise Linux 9 | affected |
|
||||||
| Red Hat | Red Hat Enterprise Linux 9 | affected |
|
||||||
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | affected |
|
||||||
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | affected |
|
||||||
| Red Hat | Red Hat OpenShift Container Platform 4.13 | affected |
|
||||||
| Red Hat | Red Hat OpenShift Container Platform 4.14 | affected |
|
||||||
| Red Hat | Red Hat OpenShift Container Platform 4.15 | affected |
|
||||||
| Red Hat | Red Hat OpenShift Container Platform 4.16 | affected |
|
||||||
| Red Hat | Red Hat Ceph Storage 5 | unaffected | — | ||||||
| Red Hat | Red Hat Ceph Storage 6 | unaffected | — | ||||||
| Red Hat | Red Hat Ceph Storage 7 | unaffected | — | ||||||
| Red Hat | Red Hat Enterprise Linux 10 | unaffected | — | ||||||
| Red Hat | Red Hat Enterprise Linux 6 | unaffected | — | ||||||
| Red Hat | Red Hat Enterprise Linux 7 | unaffected | — | ||||||
| Red Hat | Red Hat Enterprise Linux 8 | unaffected | — |
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
Configuration 10 [-]
| AND |
|
Configuration 11 [-]
| AND |
|
Configuration 12 [-]
| AND |
|
Configuration 13 [-]
| AND |
|
Configuration 14 [-]
| AND |
|
Configuration 15 [-]
| AND |
|
Configuration 16 [-]
| AND |
|
Configuration 17 [-]
| AND |
|
Configuration 18 [-]
| AND |
|
Configuration 19 [-]
| AND |
|
Configuration 20 [-]
| AND |
|
Configuration 21 [-]
| AND |
|
Configuration 22 [-]
| AND |
|
Configuration 23 [-]
| AND |
|
Configuration 24 [-]
| AND |
|
Configuration 25 [-]
| AND |
|
Configuration 26 [-]
| AND |
|
Configuration 27 [-]
| AND |
|
Configuration 28 [-]
| AND |
|
Configuration 29 [-]
| AND |
|
Configuration 30 [-]
| AND |
|
Configuration 31 [-]
| AND |
|
Configuration 32 [-]
|
Configuration 33 [-]
|
Configuration 34 [-]
|
Configuration 35 [-]
|
Configuration 36 [-]
|
Configuration 37 [-]
|
Configuration 38 [-]
|
Configuration 39 [-]
|
Configuration 40 [-]
|
Configuration 41 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 9 | |||
| openssh-0:8.7p1-38.el9_4.1 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2024:4312 | 2024-07-03T00:00:00Z |
| openssh-0:8.7p1-38.el9_4.1 | cpe:/o:redhat:enterprise_linux:9 | RHSA-2024:4312 | 2024-07-03T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | |||
| openssh-0:8.7p1-12.el9_0.1 | cpe:/a:redhat:rhel_e4s:9.0 | RHSA-2024:4389 | 2024-07-08T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Extended Update Support | |||
| openssh-0:8.7p1-30.el9_2.4 | cpe:/a:redhat:rhel_eus:9.2 | RHSA-2024:4340 | 2024-07-05T00:00:00Z |
| Red Hat OpenShift Container Platform 4.13 | |||
| rhcos-413.92.202407091321-0 | cpe:/a:redhat:openshift:4.13::el9 | RHSA-2024:4484 | 2024-07-17T00:00:00Z |
| Red Hat OpenShift Container Platform 4.14 | |||
| rhcos-414.92.202407091253-0 | cpe:/a:redhat:openshift:4.14::el9 | RHSA-2024:4479 | 2024-07-17T00:00:00Z |
| Red Hat OpenShift Container Platform 4.15 | |||
| rhcos-415.92.202407091355-0 | cpe:/a:redhat:openshift:4.15::el9 | RHSA-2024:4474 | 2024-07-18T00:00:00Z |
| Red Hat OpenShift Container Platform 4.16 | |||
| rhcos-416.94.202407081958-0 | cpe:/a:redhat:openshift:4.16::el9 | RHSA-2024:4469 | 2024-07-16T00:00:00Z |
No data available yet.
Remediation
Vendor Workaround
The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections. 1) As root user, open the /etc/ssh/sshd_config 2) Add or edit the parameter configuration: ~~~ LoginGraceTime 0 ~~~ 3) Save and close the file 4) Restart the sshd daemon: ~~~ systemctl restart sshd.service ~~~ Setting LoginGraceTime to 0 disables the SSHD server's ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like 'fail2ban' alongside a firewall to monitor log files and manage connections appropriately. If any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DSA |
DSA-5724-1 | openssh security update |
 Ubuntu USN |
USN-6859-1 | OpenSSH vulnerability |
References
History
Tue, 30 Sep 2025 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Almalinux
Almalinux almalinux Amazon amazon Linux Apple Apple macos Arista Arista eos Netapp 500f Netapp 500f Firmware Netapp 8300 Netapp 8300 Firmware Netapp 8700 Netapp 8700 Firmware Netapp a150 Netapp a150 Firmware Netapp a1k Netapp a1k Firmware Netapp a220 Netapp a220 Firmware Netapp a250 Netapp a250 Firmware Netapp a400 Netapp a400 Firmware Netapp a70 Netapp a700s Netapp a700s Firmware Netapp a70 Firmware Netapp a800 Netapp a800 Firmware Netapp a90 Netapp a900 Netapp a900 Firmware Netapp a90 Firmware Netapp a9500 Netapp a9500 Firmware Netapp active Iq Unified Manager Netapp bootstrap Os Netapp c190 Netapp c190 Firmware Netapp c250 Netapp c250 Firmware Netapp c400 Netapp c400 Firmware Netapp c800 Netapp c800 Firmware Netapp fas2720 Netapp fas2720 Firmware Netapp fas2750 Netapp fas2750 Firmware Netapp fas2820 Netapp fas2820 Firmware Netapp hci Compute Node Netapp ontap Sonicwall Sonicwall sma 6200 Sonicwall sma 6200 Firmware Sonicwall sma 6210 Sonicwall sma 6210 Firmware Sonicwall sma 7200 Sonicwall sma 7200 Firmware Sonicwall sma 7210 Sonicwall sma 7210 Firmware Sonicwall sma 8200v Sonicwall sma 8200v Firmware Sonicwall sra Ex 7000 Sonicwall sra Ex 7000 Firmware |
|
| CPEs | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:* cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:* cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:* cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:* cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Amazon linux 2023
|
Almalinux
Almalinux almalinux Amazon amazon Linux Apple Apple macos Arista Arista eos Netapp 500f Netapp 500f Firmware Netapp 8300 Netapp 8300 Firmware Netapp 8700 Netapp 8700 Firmware Netapp a150 Netapp a150 Firmware Netapp a1k Netapp a1k Firmware Netapp a220 Netapp a220 Firmware Netapp a250 Netapp a250 Firmware Netapp a400 Netapp a400 Firmware Netapp a70 Netapp a700s Netapp a700s Firmware Netapp a70 Firmware Netapp a800 Netapp a800 Firmware Netapp a90 Netapp a900 Netapp a900 Firmware Netapp a90 Firmware Netapp a9500 Netapp a9500 Firmware Netapp active Iq Unified Manager Netapp bootstrap Os Netapp c190 Netapp c190 Firmware Netapp c250 Netapp c250 Firmware Netapp c400 Netapp c400 Firmware Netapp c800 Netapp c800 Firmware Netapp fas2720 Netapp fas2720 Firmware Netapp fas2750 Netapp fas2750 Firmware Netapp fas2820 Netapp fas2820 Firmware Netapp hci Compute Node Netapp ontap Sonicwall Sonicwall sma 6200 Sonicwall sma 6200 Firmware Sonicwall sma 6210 Sonicwall sma 6210 Firmware Sonicwall sma 7200 Sonicwall sma 7200 Firmware Sonicwall sma 7210 Sonicwall sma 7210 Firmware Sonicwall sma 8200v Sonicwall sma 8200v Firmware Sonicwall sra Ex 7000 Sonicwall sra Ex 7000 Firmware |
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Wed, 21 May 2025 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/o:redhat:enterprise_linux:10 |
Thu, 24 Apr 2025 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Sun, 24 Nov 2024 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 19 Aug 2024 08:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Subscriptions
Almalinux
Subscribe
Almalinux
Subscribe
Amazon
Subscribe
Amazon Linux
Subscribe
Apple
Subscribe
Macos
Subscribe
Arista
Subscribe
Eos
Subscribe
Canonical
Subscribe
Ubuntu Linux
Subscribe
Debian
Subscribe
Debian Linux
Subscribe
Freebsd
Subscribe
Freebsd
Subscribe
Netapp
Subscribe
500f
Subscribe
500f Firmware
Subscribe
8300
Subscribe
8300 Firmware
Subscribe
8700
Subscribe
8700 Firmware
Subscribe
A150
Subscribe
A150 Firmware
Subscribe
A1k
Subscribe
A1k Firmware
Subscribe
A220
Subscribe
A220 Firmware
Subscribe
A250
Subscribe
A250 Firmware
Subscribe
A400
Subscribe
A400 Firmware
Subscribe
A70
Subscribe
A700s
Subscribe
A700s Firmware
Subscribe
A70 Firmware
Subscribe
A800
Subscribe
A800 Firmware
Subscribe
A90
Subscribe
A900
Subscribe
A900 Firmware
Subscribe
A90 Firmware
Subscribe
A9500
Subscribe
A9500 Firmware
Subscribe
Active Iq Unified Manager
Subscribe
Bootstrap Os
Subscribe
C190
Subscribe
C190 Firmware
Subscribe
C250
Subscribe
C250 Firmware
Subscribe
C400
Subscribe
C400 Firmware
Subscribe
C800
Subscribe
C800 Firmware
Subscribe
E-series Santricity Os Controller
Subscribe
Fas2720
Subscribe
Fas2720 Firmware
Subscribe
Fas2750
Subscribe
Fas2750 Firmware
Subscribe
Fas2820
Subscribe
Fas2820 Firmware
Subscribe
Hci Compute Node
Subscribe
Ontap
Subscribe
Ontap Select Deploy Administration Utility
Subscribe
Ontap Tools
Subscribe
Netbsd
Subscribe
Netbsd
Subscribe
Openbsd
Subscribe
Openssh
Subscribe
Redhat
Subscribe
Ceph Storage
Subscribe
Enterprise Linux
Subscribe
Enterprise Linux Eus
Subscribe
Enterprise Linux For Arm 64
Subscribe
Enterprise Linux For Arm 64 Eus
Subscribe
Enterprise Linux For Ibm Z Systems
Subscribe
Enterprise Linux For Ibm Z Systems Eus
Subscribe
Enterprise Linux For Power Little Endian
Subscribe
Enterprise Linux For Power Little Endian Eus
Subscribe
Enterprise Linux Server Aus
Subscribe
Openshift
Subscribe
Openshift Container Platform
Subscribe
Rhel E4s
Subscribe
Rhel Eus
Subscribe
Sonicwall
Subscribe
Sma 6200
Subscribe
Sma 6200 Firmware
Subscribe
Sma 6210
Subscribe
Sma 6210 Firmware
Subscribe
Sma 7200
Subscribe
Sma 7200 Firmware
Subscribe
Sma 7210
Subscribe
Sma 7210 Firmware
Subscribe
Sma 8200v
Subscribe
Sma 8200v Firmware
Subscribe
Sra Ex 7000
Subscribe
Sra Ex 7000 Firmware
Subscribe
Suse
Subscribe
Linux Enterprise Micro
Subscribe
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-12-11T06:17:03.387Z
Reserved: 2024-06-27T13:41:03.421Z
Link: CVE-2024-6387
Vulnrichment
Updated: 2025-04-24T18:35:27.934Z
NVD
Status : Analyzed
Published: 2024-07-01T13:15:06.467
Modified: 2025-09-30T13:52:23.540
Link: CVE-2024-6387
Redhat
OpenCVE Enrichment
No data.