A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Fixes

Solution

No solution given by the vendor.


Workaround

The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.

1) As root user, open the /etc/ssh/sshd_config
2) Add or edit the parameter configuration:
~~~
LoginGraceTime 0
~~~
3) Save and close the file
4) Restart the sshd daemon:
~~~
systemctl restart sshd.service
~~~

Setting LoginGraceTime to 0 disables the SSHD server's ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like 'fail2ban' alongside a firewall to monitor log files and manage connections appropriately.

If any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.
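Because the `LoginGraceTime 0` line is not removed automatically when the updated package is installed, it helps to check which value is actually in effect. The script below is an added example, not part of the original advisory; the function names and the sample configuration are constructed for illustration, and it reads one configuration text without following `Include` directives.

```shell
#!/usr/bin/env bash
# Added example (not vendor tooling): report whether the LoginGraceTime
# workaround is in effect for a given sshd configuration text.

# Print the first LoginGraceTime value found in configuration text on stdin.
# sshd keeps the first value it reads for a keyword and matches keywords
# case-insensitively; with no setting, the default is 120 seconds.
effective_login_grace_time() {
    awk '
        /^[ \t]*#/ { next }                 # comment line
        /^[ \t]*$/ { next }                 # blank line
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = split(line, f, /[ \t=]+/)   # whitespace separated, = tolerated
            if (n >= 2 && tolower(f[1]) == "logingracetime") {
                print f[2]; found = 1; exit
            }
        }
        END { if (!found) print 120 }
    '
}

# Classify the configuration: "workaround-active" means the grace timer is
# disabled (value 0), so the line has to be removed by hand once the updated
# package is installed; otherwise print the timeout that applies.
workaround_status() {
    value=$(effective_login_grace_time)
    if [ "$value" = "0" ]; then
        echo "workaround-active"
    else
        echo "timeout-enabled:$value"
    fi
}

# Constructed sample: the workaround line comes before a later setting,
# which sshd would ignore because the first value wins.
sample_config='# constructed sshd_config fragment
Port 22
#LoginGraceTime 2m
logingracetime 0
LoginGraceTime 60
'

printf '%s' "$sample_config" | workaround_status
```

On a live host, feed it the resolved configuration instead of a single file, for example `sshd -T | workaround_status` run as root.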

History

Tue, 30 Sep 2025 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Almalinux
Almalinux almalinux
Amazon amazon Linux
Apple
Apple macos
Arista
Arista eos
Netapp 500f
Netapp 500f Firmware
Netapp 8300
Netapp 8300 Firmware
Netapp 8700
Netapp 8700 Firmware
Netapp a150
Netapp a150 Firmware
Netapp a1k
Netapp a1k Firmware
Netapp a220
Netapp a220 Firmware
Netapp a250
Netapp a250 Firmware
Netapp a400
Netapp a400 Firmware
Netapp a70
Netapp a700s
Netapp a700s Firmware
Netapp a70 Firmware
Netapp a800
Netapp a800 Firmware
Netapp a90
Netapp a900
Netapp a900 Firmware
Netapp a90 Firmware
Netapp a9500
Netapp a9500 Firmware
Netapp active Iq Unified Manager
Netapp bootstrap Os
Netapp c190
Netapp c190 Firmware
Netapp c250
Netapp c250 Firmware
Netapp c400
Netapp c400 Firmware
Netapp c800
Netapp c800 Firmware
Netapp fas2720
Netapp fas2720 Firmware
Netapp fas2750
Netapp fas2750 Firmware
Netapp fas2820
Netapp fas2820 Firmware
Netapp hci Compute Node
Netapp ontap
Sonicwall
Sonicwall sma 6200
Sonicwall sma 6200 Firmware
Sonicwall sma 6210
Sonicwall sma 6210 Firmware
Sonicwall sma 7200
Sonicwall sma 7200 Firmware
Sonicwall sma 7210
Sonicwall sma 7210 Firmware
Sonicwall sma 8200v
Sonicwall sma 8200v Firmware
Sonicwall sra Ex 7000
Sonicwall sra Ex 7000 Firmware
CPEs cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Vendors & Products Amazon linux 2023 (removed); added: the same vendors and products as listed under "First Time appeared" above

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss {'score': 0.55627} epss {'score': 0.63456}


Wed, 21 May 2025 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10

Thu, 24 Apr 2025 19:45:00 +0000


Sun, 24 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 19 Aug 2024 08:30:00 +0000


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-07-24T13:11:10.801Z

Reserved: 2024-06-27T13:41:03.421Z

Link: CVE-2024-6387

Vulnrichment

Updated: 2025-04-24T18:35:27.934Z

NVD

Status: Analyzed

Published: 2024-07-01T13:15:06.467

Modified: 2025-09-30T13:52:23.540

Link: CVE-2024-6387

Redhat

Severity: Important

Public Date: 2024-07-01T08:00:00Z

Links: CVE-2024-6387 - Bugzilla

OpenCVE Enrichment

No data.