CVE-2024-6409

Description

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

CVSS v3.1 Score

7.0

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Weakness Type (CWE)

CWE-364 CWE-364

References

Other References

https://access.redhat.com/errata/RHSA-2024:4457 https://access.redhat.com/errata/RHSA-2024:4613 https://access.redhat.com/errata/RHSA-2024:4716 https://access.redhat.com/errata/RHSA-2024:4910 https://access.redhat.com/errata/RHSA-2024:4955 https://access.redhat.com/errata/RHSA-2024:4960 https://access.redhat.com/errata/RHSA-2024:5444 https://access.redhat.com/security/cve/CVE-2024-6409 https://bugzilla.redhat.com/show_bug.cgi?id=2295085 http://www.openwall.com/lists/oss-security/2024/07/08/2

Frequently Asked Questions

What is CVE-2024-6409? +

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server. It has a CVSS v3.1 base score of 7.0 (HIGH).

How severe is CVE-2024-6409? +

CVE-2024-6409 has a CVSS v3.1 score of 7.0 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

How do I check if I'm vulnerable to CVE-2024-6409? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2024-6387 8.1

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to …

CVE-2026-24792 8.1

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

CVE-2024-7589 8.1

A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when …

CVE-2025-53092 6.5

Strapi is an open source headless content management system. Strapi versions prior to 5.20.0 contain a CORS misconfiguration vulnerability in …

CVE-2026-42002 5.9

Concurrency and locking defects in GSS-TSIG

CVE-2026-27766 5.5

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak.