A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Additionally, another OpenSSH vulnerability (USN-6859-1) discovered related to secure shell (SSH) services to bypass authentication and remotely access systems without proper credentials .
Affected Packages
- openssh – secure shell (SSH) for secure access to remote machines
- openssh-ssh1 – secure shell (SSH) for secure access to remote machines
Details
It was discovered that OpenSSH incorrectly handled signal management. A
remote attacker could use this issue to bypass authentication and remotely
access systems without proper credentials.
1) USN-6859-1 – Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04
Ubuntu 23.10
Ubuntu 22.04
2) CVE-2024-6387 – Update instructions
The problem can be mitigated by changing LoginGraceTime to 0 in /etc/ssh/sshd_config .
This makes sshd vulnerable to a denial of service (the exhaustion of all MaxStartups connections), but it makes it safe from this vulnerability.
References: