CVE-2024-6409

7.0 HIGH

Published: July 08, 2024 Modified: April 15, 2026

Description

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:4457

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2024:4613

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2024:4716

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2024:4910

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2024:4955

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2024:4960

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2024:5444

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2024-6409

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2295085

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2024/07/08/2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2024/07/09/2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2024/07/09/5

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2024/07/10/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2024/07/10/2

Source: af854a3a-2127-422b-91ae-364da2661108

https://access.redhat.com/errata/RHSA-2024:4457

Source: af854a3a-2127-422b-91ae-364da2661108

https://access.redhat.com/errata/RHSA-2024:4613

Source: af854a3a-2127-422b-91ae-364da2661108

https://access.redhat.com/errata/RHSA-2024:4716

Source: af854a3a-2127-422b-91ae-364da2661108

https://access.redhat.com/security/cve/CVE-2024-6409

Source: af854a3a-2127-422b-91ae-364da2661108

https://almalinux.org/blog/2024-07-09-cve-2024-6409/

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=2295085

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.suse.com/show_bug.cgi?id=1227217

Source: af854a3a-2127-422b-91ae-364da2661108

https://explore.alas.aws.amazon.com/CVE-2024-6409.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://github.com/openela-main/openssh/commit/c00da7741d42029e49047dd89e266d91dcfbffa0

Source: af854a3a-2127-422b-91ae-364da2661108

https://security-tracker.debian.org/tracker/CVE-2024-6409

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20240712-0003/

Source: af854a3a-2127-422b-91ae-364da2661108

https://sig-security.rocky.page/issues/CVE-2024-6409/

Source: af854a3a-2127-422b-91ae-364da2661108

https://ubuntu.com/security/CVE-2024-6409

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.suse.com/security/cve/CVE-2024-6409.html

Source: af854a3a-2127-422b-91ae-364da2661108

28 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.0 / 10.0

EPSS (Exploit Probability)

76.4%

99th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-364

Related CVEs

CVE-2026-40962 4.9

CVE-2026-40505 3.3

CVE-2026-40504 9.8

CVE-2026-3299 6.4

CVE-2026-40960 8.1