OpenSSH bug leaves RHEL 9 and the RHELatives vulnerable


July 11, 2024 at 03:21PM

A new signal handler race condition, CVE-2024-6409, was discovered by Openwall’s Alexander Peslyak in the core sshd daemon used in RHEL 9.x and its offshoots. The flaw affects sshd versions 8.7p1 and 8.8p1 in Fedora 36 and 37 and Red Hat Enterprise Linux 9. AlmaLinux has already released a fix ahead of bigger players.

CVE-2024-6409 is a signal handler race condition in the core sshd daemon used in RHEL 9.x and its offshoots. It was identified by Alexander Peslyak, also known as Solar Designer. It affects sshd versions 8.7p1 and 8.8p1, which were used in Fedora 36 and 37, as well as Red Hat Enterprise Linux 9 and its variations.

The vulnerability was publicized on the oss-security mailing list, and the AlmaLinux team has already issued a fix for it. AlmaLinux decided to create the update and release the package independently of CentOS Stream or RHEL, demonstrating their proactive approach to addressing the issue.

Unlike the “regreSSHion” OpenSSH bug (CVE-2024-6387), this flaw affects a part of OpenSSH that runs with reduced privileges. The issue arises from calling a function from an inappropriate location, potentially enabling remote code execution. Exploitation is limited because the affected code runs with separated privileges, but downstream distribution patches have exacerbated the situation, creating a discrepancy with the original upstream versions.

Red Hat’s decision not to address CVE-2024-6409 simultaneously with CVE-2024-6387, despite being aware of both issues, has caused dissatisfaction within the security community. The impact on end-of-life versions of Fedora should be minimal, and Canonical has assured that Ubuntu remains unaffected because it does not use those specific releases.

In summary, the discovery of CVE-2024-6409 necessitates attention and action to ensure the security of affected systems.
