CVE-2024-6387

GPTKB entity

Statements (21)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affects gptkb:OpenSSH
gptkbp:alias regreSSHion
gptkbp:describes A signal handler race condition in OpenSSH's server (sshd) in the default configuration on glibc-based Linux systems allows unauthenticated remote code execution as root.
gptkbp:hasAttackVector gptkb:network_protocol
gptkbp:hasCVEID gptkb:CVE-2024-6387
gptkbp:hasCVSSScore 8.1
gptkbp:hasCWE CWE-362
gptkbp:hasExploitStatus Public exploit available
gptkbp:hasSeverity Critical
gptkbp:hasVersion OpenSSH 8.5p1 to 9.7p1
https://www.w3.org/2000/01/rdf-schema#label CVE-2024-6387
gptkbp:influencedBy gptkb:Privilege_Escalation
Remote Code Execution
gptkbp:isPatchedIn OpenSSH 9.8p1
gptkbp:publicationDate 2024-07-01
gptkbp:referencedIn https://nvd.nist.gov/vuln/detail/CVE-2024-6387
https://www.qualys.com/2024/07/01/cve-2024-6387/regreSSHion.txt
https://www.openwall.com/lists/oss-security/2024/07/01/4
gptkbp:bfsParent gptkb:APT3
gptkbp:bfsLayer 7