PT-2024-4415 · Openssh+11

Smartkeyss · Published 2006-09-29 · Updated 2026-05-31 · CVE-2024-6387

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 9.6p1-alt2, 7.9p1-alt4.gost.p10.1, and 8.9p1.202310-alt3.
Description: A signal handler race condition exists in OpenSSH's server (sshd) when a client does not authenticate within LoginGraceTime seconds. It can lead to execution of arbitrary code with root privileges. The issue is a regression of CVE-2006-5051 and affects systems where the signal handler calls functions that are not async-signal-safe, such as syslog(). This advisory also covers a remote code execution issue in ssh-agent's PKCS#11 support (CVE-2023-38408) and a file descriptor leak in runC (CVE-2024-21626).
Recommendations: Upgrade OpenSSH to version 9.6p1-alt2 or later, openquantumsafe-openssh to version 8.9p1.202310-alt3 or later, and openssh-gostcrypto to version 7.9p1-alt4.gost.p10.1 or later. Upgrade runC to the latest version to address the file descriptor leak.

Exploit · Fix · RCE · DoS · Race Condition

Weakness Enumeration

Related Identifiers

ALSA-2021_4368
ALSA-2022_2013
ALSA-2023_2645
ALSA-2023_4412
ALSA-2023_4419
ALSA-2024:4312
ALSA-2024_0606
ALSA-2024_0628
ALSA-2024_0670
ALSA-2024_0748
ALSA-2024_0752
ALSA-2024_1130
ALSA-2024_1150
ALSA-2024_3166
ALSA-2024_4312
ALSA-2025_16880
ALT-PU-2024-17672
ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9505
ALT-PU-2024-9513
AZL-43024
AZL-43030
BDU:2024-04914
BDU:2024-06777
CVE-2024-6387
DSA-5724-1
ELSA-2024-12468
ELSA-2024-4312
FREEBSD-SA-24_04
INFSA-2024_4312
JLSEC-2026-71
MGASA-2024-0250
OESA-2024-1781
OESA-2024-1782
OESA-2024-1783
OESA-2024-1784
OPENSUSE-SU-2024:14088-1
OPENSUSE-SU-2024_2275-1
OPENSUSE-SU-2024_2275-2
RHSA-2006_0697
RHSA-2024:4312
RHSA-2024:4340
RHSA-2024:4389
RHSA-2024_4312
SUSE-SU-2024:2275-1
SUSE-SU-2024:2275-2
SUSE-SU-2024_2275-1
SUSE-SU-2025:20009-1
USN-6859-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
FreeBSD
IBM AIX
Linux Mint
Apple macOS
OpenSSH
Red Hat
RED OS
SUSE
Ubuntu