Skip to content
/ CVE-2024-6387 Public

Targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems.

7 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sxlmnwb/CVE-2024-6387

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
7etsuo-regreSSHion.c
7etsuo-regreSSHion.c
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
regresshion.txt
regresshion.txt
 
 

Repository files navigation

CVE-2024-6387

a signal handler race condition in OpenSSH's server (sshd)

Description

An exploit for CVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.

Installation

$ make all

Usage

$ ./exp <ip> <port>

Exploit Details

Vulnerability Summary

The exploit targets the SIGALRM handler race condition in OpenSSH's sshd:

  • Affected Versions = [ 'SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10', 'SSH-2.0-OpenSSH_9.3p1 Ubuntu-3ubuntu3.6', 'SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.3', 'SSH-2.0-OpenSSH_9.3p1 Ubuntu-1ubuntu3.6', 'SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3', 'SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3' ]
  • Exploit: Remote code execution as root due to the vulnerable SIGALRM handler calling async-signal-unsafe functions.

About

Targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems.

Topics

cve-2024-6387

Resources

Readme
Activity

Stars

7 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages