OpenSSH bug leaves RHEL 9 and the RHELatives vulnerable

July 11, 2024 at 03:21PM A new signal handler race condition, CVE-2024-6409, was discovered by Openwall’s Alexander Peslyak in the core sshd daemon used in RHEL 9.x and its offshoots. The flaw affects sshd versions 8.7p1 and 8.8p1 in Fedora 36 and 37 and Red Hat Enterprise Linux 9. AlmaLinux has already released a fix …

New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

July 10, 2024 at 12:15AM Some versions of OpenSSH are at risk from a new vulnerability, CVE-2024-6409, which impacts versions 8.7p1 and 8.8p1 as shipped in Red Hat Enterprise Linux 9. Discovered by Solar Designer during a review of CVE-2024-6387 by Qualys, this flaw enables remote code execution in the privsep child process. An active exploit for CVE-2024-6387 has …