CVE-2024-6387

HIGH Year: 2024
CVSS v3 Score
8.1
High
Weakness Type
CWE-364
View all →

Vulnerability Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Related Vulnerabilities

CVE-2024-6409

HIGH
CVSS:7.0(High)

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is...

CWE-3642024

CVE-2024-6409

HIGH
CVSS:7.0(High)

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is...

CWE-3642024

CVE-2023-1285

MEDIUM
CVSS:5.9(Medium)

Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a...

CWE-3642023

CVE-2023-5676

MEDIUM
CVSS:5.9(Medium)

In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the ...

CWE-3642023

CVE-2019-3805

MEDIUM
CVSS:5.5(Medium)

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploi...

CWE-3642019

CVE-2020-14317

MEDIUM
CVSS:5.5(Medium)

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attac...

CWE-3642020