0

CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems(seclists.org)

posted
by
Avatar
0x0@programming.dev
in
Avatar
security@programming.dev
3 comments
hidereport

Regression in signal handler.

This vulnerability is exploitable remotely on glibc-based Linux systems, where syslog() itself calls async-signal-unsafe functions (for example, malloc() and free()): an unauthenticated remote code execution as root, because it affects sshd’s privileged code, which is not sandboxed and runs with full privileges.

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
cucumberbob@programming.dev
1 point

You can read them as separate statements with the middle repeated and a logical AND between them:

If (8.5p1 <= your OpenSSH version) AND (your OpenSSH version < 9.8p1) Then you are vulnerable

It’s the same as saying if your OpenSSH version is between these two versions (including 8.5p1, but not 9.8p1), then you are vulnerable

permalink
report
parent
reply

Security

!security@programming.dev

Create post

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don’t be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

Community stats

  • 2

    Monthly active users

  • 10

    Posts

  • 16

    Comments

Community moderators