发布于3月6日3月6日 Members Cisco XE: CVE-2024-6387: Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/02/2024 Created 07/23/2024 Added 07/23/2024 Modified 07/23/2024 Description On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems. CVE-2024-6387: A signal handler race condition was found in sshd, where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then the sshd SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). For a description of this vulnerability, see the Qualys Security Advisory ["https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"]. This advisory will be updated as additional information becomes available. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2024-6387 CVE - 2024-6387 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024 cisco-sa-openssh-rce-2024
