CVERadar

CVE-2024-6409

Medium Severity

SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.69338/1

CVE-2024-6409 exposes a race condition in OpenSSH's server (sshd). This flaw occurs in the signal handling of sshd, specifically how it manages signals when a remote attacker fails to authenticate within a specified timeframe. The vulnerability arises because the SIGALRM handler calls functions, such as syslog(), that are not async-signal-safe. Although the CVSS score is 0, indicating a lower immediate impact based on the standard scoring system, the SVRS score of 30 suggests that while not critical, this issue should still be addressed. A successful attack could potentially lead to remote code execution (RCE), though it would likely be executed with the privileges of an unprivileged user running the sshd server. The "In The Wild" tag suggests that exploitation attempts have been observed, making patching and mitigation crucial to prevent potential exploitation. Addressing this vulnerability will help protect systems from unauthorized access and potential compromise.

In The Wild
2024-07-08

2024-09-12
SOCRadar
AI Insight

Description:

CVE-2024-6409 is a race condition vulnerability in OpenSSH's server (sshd) that could allow an unauthenticated remote attacker to execute code as an unprivileged user running the sshd server. The vulnerability arises when a remote attacker fails to authenticate within a specific time frame, triggering sshd's SIGALRM handler asynchronously. This handler calls functions that are not async-signal-safe, such as syslog(), potentially leading to remote code execution.

Key Insights:

  • High Severity: Despite a CVSS score of 7, SOCRadar's SVRS assigns a score of 40, indicating a moderate level of urgency.
  • Active Exploitation: The vulnerability is actively exploited in the wild, highlighting the need for immediate action.
  • Unprivileged Access: Successful exploitation grants attackers unprivileged access to the system running the sshd server.
  • Remote Code Execution: In the worst-case scenario, attackers could execute arbitrary code on the vulnerable system.

Mitigation Strategies:

  • Update OpenSSH: Install the latest version of OpenSSH (9.2p1) or later, which addresses this vulnerability.
  • Disable SIGALRM: Disable the SIGALRM signal handler in sshd's configuration file (/etc/ssh/sshd_config) by setting "UseDNS no" and "GSSAPIAuthentication no."
  • Limit Access: Restrict access to the sshd service to trusted hosts and users.
  • Monitor Logs: Regularly monitor system logs for suspicious activity, such as failed authentication attempts or unusual system behavior.

Additional Information:

  • Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
  • Exploit Status: Active exploits have been published.
  • CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.


Exploits

No exploits found for this CVE

News

Citrix NetScaler Vulnerability Allows Unauthorized Command Execution
Guru Baran, 2025-02-20
Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. Rated 8.8 on the CVSS v4.0 scale, the flaw enables authenticated attackers to execute unauthorized commands, potentially compromising enterprise management systems. The vulnerability underscores persistent risks in privileged access frameworks, […]
Source: cybersecuritynews.com

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks
Pierluigi Paganini, 2025-02-19
Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions. The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities in OpenSSH. The first, tracked as CVE-2025-26465 (CVSS score: 6.8) can be exploited by an attacker to conduct an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is enabled. The […]
Source: securityaffairs.co

Security Alert: OpenSSH Vulnerability Could Lead to RCE
laseem shayifa, 2024-11-01
Identified as CVE-2024-6409 with a CVE score of 7.0, this newly discovered vulnerability affects specific versions of the OpenSSH secure networking suite.
Source: securereading.com

The Potential Impact of the OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409
Jagir Shastri, 2024-07-17
We check the OpenSSH vulnerabilities CVE-2024-6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024-6387 in x64 systems.
Source: trendmicro.com

Social Media

  • Learn about the critical #OpenSSH vulnerabilities CVE-2024-6387 and CVE-2024-6409 disclosed this past July. Stay at the forefront with our detailed analysis. Click here to access the report ⬇️ https://t.co/AUDl7kHIah
  • New Trend Micro insights on #OpenSSH vulnerabilities: CVE-2024-6387 rated 9.8 CVSS and CVE-2024-6409. Understand the risks, apply patches, and employ best practices. Learn how to protect your organization here: ⬇️ https://t.co/5nx51uStSR
  • Understanding #OpenSSH vulnerabilities could save your infrastructure. CVE-2024-6387 & CVE-2024-6409 pose serious threats but require sophisticated attacks. Read on for mitigation tips and analysis. Find out more here: ⬇️ https://t.co/5nx51uStSR
  • Learn about the critical #OpenSSH vulnerabilities CVE-2024-6387 and CVE-2024-6409 disclosed earlier last month. Stay ahead with our detailed analysis. Click here for the report: ⬇️ https://t.co/5nx51uStSR
  • 🚨 CVE-2024-6409: Critical SIGALRM syslog race condition in Red Hat Enterprise Linux 6-9. Impact: Potential remote code execution. Action: Patch immediately and monitor systems for suspicious activity. #CyberSecurity #LinuxSecurity
  • We take a closer look at critical #OpenSSH vulnerabilities CVE-2024-6387 "regreSSHion" (CVSS 9.8) and CVE-2024-6409. We discuss the exploits and their impact on x64 systems. Read more: ⬇️ https://t.co/5nx51uStSR
  • A critical flaw discovered in OpenSSH (CVE-2024-6409) allows malicious actors to potentially execute code remotely on affected systems. This poses a serious risk to organizations and individuals. Don't delay! https://t.co/Yxl6mTt6mF #Vulnerability #php #ssh #cybersecurity
  • Trend Micro Search: The Potential Impact of the OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: We check the OpenSSH vulnerabilities CVE-2024-6387 and CVE-2024-6409, examining their potential real-world impact and the possibility… https://t.co/e9PxoymLaw Check it out! https://t.co/dBNLau4eLx

Affected Software

No affected software found for this CVE

References

  • http://www.openwall.com/lists/oss-security/2024/07/08/2
  • http://www.openwall.com/lists/oss-security/2024/07/09/2
  • http://www.openwall.com/lists/oss-security/2024/07/09/5
  • http://www.openwall.com/lists/oss-security/2024/07/10/1
  • http://www.openwall.com/lists/oss-security/2024/07/10/2
  • https://access.redhat.com/errata/RHSA-2024:4457
  • https://access.redhat.com/errata/RHSA-2024:4613
  • https://access.redhat.com/errata/RHSA-2024:4716
  • https://access.redhat.com/errata/RHSA-2024:4910
  • https://access.redhat.com/errata/RHSA-2024:4955
  • https://access.redhat.com/errata/RHSA-2024:4960
  • https://access.redhat.com/errata/RHSA-2024:5444
  • https://access.redhat.com/security/cve/CVE-2024-6409
  • https://almalinux.org/blog/2024-07-09-cve-2024-6409/
  • https://bugzilla.redhat.com/show_bug.cgi?id=2295085
  • https://bugzilla.suse.com/show_bug.cgi?id=1227217
  • https://explore.alas.aws.amazon.com/CVE-2024-6409.html
  • https://github.com/openela-main/openssh/commit/c00da7741d42029e49047dd89e266d91dcfbffa0
  • https://security-tracker.debian.org/tracker/CVE-2024-6409
  • https://security.netapp.com/advisory/ntap-20240712-0003/
  • https://sig-security.rocky.page/issues/CVE-2024-6409/
  • https://ubuntu.com/security/CVE-2024-6409
  • https://www.suse.com/security/cve/CVE-2024-6409.html

CWE Details

CWE ID: CWE-364
CWE Name: Signal Handler Race Condition
Description: The software uses a signal handler that introduces a race condition.
