Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability
Executive Summary
On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers (sshd) on glibc-based Linux systems. This vulnerability, called RegreSSHion and tracked as CVE-2024-6387, can result in unauthenticated remote code execution (RCE) with root privileges. This vulnerability has been rated High severity (CVSS 8.1).
This vulnerability impacts the following OpenSSH server versions:
Open SSH version between 8.5p1-9.8p1
Open SSH versions earlier than 4.4p1, if they’ve not backport-patched against CVE-2006-5051 or patched against CVE-2008-4109
https://unit42.paloaltonetworks.com/threat-brief-cve-2024-6387-openssh/
>>Click here to continue<<
