cve/2024/CVE-2024-6387.md

### [CVE-2024-6387](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%205&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.0%20Update%20Services%20for%20SAP%20Solutions&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Extended%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.13&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.14&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.15&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.16&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Signal%20Handler%20Race%20Condition&color=brighgreen)

### Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

### POC

#### Reference
- http://seclists.org/fulldisclosure/2024/Jul/18
- http://seclists.org/fulldisclosure/2024/Jul/19
- http://www.openwall.com/lists/oss-security/2024/07/03/5
- http://www.openwall.com/lists/oss-security/2024/07/28/2
- https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
- https://github.com/zgzhang/cve-2024-6387-poc
- https://news.ycombinator.com/item?id=40843778
- https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
- https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html

#### Github
- https://github.com/0xMarcio/cve
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/David-M-Berry/openssh-cve-discovery
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/GhostTroops/TOP
- https://github.com/GitHubForSnap/openssh-server-gael
- https://github.com/Ostorlab/KEV
- https://github.com/Passyed/regreSSHion-Fix
- https://github.com/TAM-K592/CVE-2024-6387
- https://github.com/ThemeHackers/CVE-2024-6387
- https://github.com/Threekiii/CVE
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix
- https://github.com/azurejoga/CVE-2024-6387-how-to-fix
- https://github.com/beac0n/ruroco
- https://github.com/bigb0x/CVE-2024-6387
- https://github.com/bigb0x/OpenSSH-Scanner
- https://github.com/cybereagle2001/KQL-Security-Querries
- https://github.com/enomothem/PenTestNote
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-
- https://github.com/kalvin-net/NoLimit-Secu-RegreSSHion
- https://github.com/lukibahr/stars
- https://github.com/maycon/stars
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/rxerium/stars
- https://github.com/ryanalieh/openSSH-scanner
- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSH
- https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH
- https://github.com/sardine-web/CVE-2024-6387_Check
- https://github.com/tanjiti/sec_profile
- https://github.com/teamos-hub/regreSSHion
- https://github.com/trailofbits/codeql-queries
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`### [CVE-2024-6387](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387)`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%205&color=blue)`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%206&color=blue)`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%207&color=blue)`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.0%20Update%20Services%20for%20SAP%20Solutions&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Extended%20Update%20Support&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.13&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.14&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.15&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.16&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Signal%20Handler%20Race%20Condition&color=brighgreen)`

			`### Description`

			`A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.`

			`### POC`

			`#### Reference`
Update CVE sources 2024-08-10 19:04 2024-08-10 19:04:30 +00:00			`- http://seclists.org/fulldisclosure/2024/Jul/18`
			`- http://seclists.org/fulldisclosure/2024/Jul/19`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- http://www.openwall.com/lists/oss-security/2024/07/03/5`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- http://www.openwall.com/lists/oss-security/2024/07/28/2`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server`
Update CVE sources 2024-08-24 17:55 2024-08-24 17:55:21 +00:00			`- https://github.com/zgzhang/cve-2024-6387-poc`
Update CVE sources 2024-08-06 19:19 2024-08-06 19:19:10 +00:00			`- https://news.ycombinator.com/item?id=40843778`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://santandersecurityresearch.github.io/blog/sshing_the_masses.html`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html`

			`#### Github`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/0xMarcio/cve`
			`- https://github.com/CVEDB/awesome-cve-repo`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/David-M-Berry/openssh-cve-discovery`
Update CVE sources 2024-08-22 18:33 2024-08-22 18:33:16 +00:00			`- https://github.com/EGI-Federation/SVG-advisories`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/GitHubForSnap/openssh-server-gael`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Passyed/regreSSHion-Fix`
			`- https://github.com/TAM-K592/CVE-2024-6387`
			`- https://github.com/ThemeHackers/CVE-2024-6387`
			`- https://github.com/Threekiii/CVE`
			`- https://github.com/TrojanAZhen/Self_Back`
Update CVE sources 2024-08-21 13:32 2024-08-21 13:32:10 +00:00			`- https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/azurejoga/CVE-2024-6387-how-to-fix`
Update CVE sources 2024-08-17 18:41 2024-08-17 18:41:15 +00:00			`- https://github.com/beac0n/ruroco`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/bigb0x/CVE-2024-6387`
Update CVE sources 2024-08-25 17:33 2024-08-25 17:33:10 +00:00			`- https://github.com/bigb0x/OpenSSH-Scanner`
Update CVE sources 2024-08-06 19:19 2024-08-06 19:19:10 +00:00			`- https://github.com/cybereagle2001/KQL-Security-Querries`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/enomothem/PenTestNote`
			`- https://github.com/giterlizzi/secdb-feeds`
			`- https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/kalvin-net/NoLimit-Secu-RegreSSHion`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/lukibahr/stars`
			`- https://github.com/maycon/stars`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/rxerium/stars`
Update CVE sources 2024-08-25 17:33 2024-08-25 17:33:10 +00:00			`- https://github.com/ryanalieh/openSSH-scanner`
Update CVE sources 2024-08-27 19:05 2024-08-27 19:05:50 +00:00			`- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSH`
Update CVE sources 2024-08-21 13:32 2024-08-21 13:32:10 +00:00			`- https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/sardine-web/CVE-2024-6387_Check`
			`- https://github.com/tanjiti/sec_profile`
			`- https://github.com/teamos-hub/regreSSHion`
			`- https://github.com/trailofbits/codeql-queries`