topic Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024 in Threats https://community.isc2.org/t5/Threats/Remote-Unauthenticated-Code-Execution-Vulnerability-in-OpenSSH/m-p/72314#M1273 <P>Dear All,</P><P>&nbsp;</P><P>On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems.</P><P><STRONG>CVE-2024-6387:</STRONG><SPAN>&nbsp;</SPAN>A signal handler race condition was found in sshd, where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then the sshd SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().</P><P>&nbsp;</P><P><SPAN class=""><A href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024" target="_blank" rel="noopener">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024</A></SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 22 Jul 2024 13:09:35 GMT Kyaw_Myo_Oo 2024-07-22T13:09:35Z Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024 https://community.isc2.org/t5/Threats/Remote-Unauthenticated-Code-Execution-Vulnerability-in-OpenSSH/m-p/72314#M1273 <P>Dear All,</P><P>&nbsp;</P><P>On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems.</P><P><STRONG>CVE-2024-6387:</STRONG><SPAN>&nbsp;</SPAN>A signal handler race condition was found in sshd, where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then the sshd SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().</P><P>&nbsp;</P><P><SPAN class=""><A href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024" target="_blank" rel="noopener">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024</A></SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 22 Jul 2024 13:09:35 GMT https://community.isc2.org/t5/Threats/Remote-Unauthenticated-Code-Execution-Vulnerability-in-OpenSSH/m-p/72314#M1273 Kyaw_Myo_Oo 2024-07-22T13:09:35Z