A critical unauthenticated remote code execution (RCE) vulnerability, identified as CVE-2024-6387, affects OpenSSH servers (sshd) running on glibc-based Linux systems. This vulnerability arises from a race condition in the sshd signal handler.
An unauthenticated attacker can trigger this vulnerability by failing to authenticate within the configured login grace period. This leads to the execution of unsafe functions within the sshd signal handler, potentially granting the attacker root privileges on the system.
The vulnerability is easily exploitable and public exploits are available. Urgent patching is recommended to mitigate this critical risk. For a description of this vulnerability, see the Qualys Security Advisory.
OpenSSH versions 8.5p1-9.8p1 are vulnerable. Older versions (pre-4.4p1) are also affected if they haven’t been patched for CVE-2006-5051 or CVE-2008-4109.
