发布于3月6日3月6日 Members Oracle Linux: CVE-2024-6387: ELSA-2024-12468: openssh security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 07/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 12/01/2024 Description A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Solution(s) oracle-linux-upgrade-openssh oracle-linux-upgrade-openssh-askpass oracle-linux-upgrade-openssh-clients oracle-linux-upgrade-openssh-keycat oracle-linux-upgrade-openssh-server oracle-linux-upgrade-pam-ssh-agent-auth References https://attackerkb.com/topics/cve-2024-6387 CVE - 2024-6387 ELSA-2024-12468 ELSA-2024-4312
