OpenSSH incorrectly handled signal management

Oct 29, 2024

OpenSSH incorrectly handled signal management

Summary
Openssh possible remote code execution due to a race condition in signal handling

Vulnerability ID	Vulnerability Overview
CVE-2024-6387	A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Affected Supported TeraStations

TS7010
Vulnerability is patched from firmware version 1.36

TS5020 / TS3030
Vulnerability is patched from firmware version 2.10

TS6000
Not affected

TS5010 / TS3020 / TS3010
Not affected

Back to Security Notices

Date	Description
10/29/2024	Initial release

Back to Security Notices

Network Attached Storage

Portable Solid State Drive (SSD)

External Hard Drives

While Supplies Last

Optical Drives

Multi-Gigabit Switches

Accessories

View All

Latest Article

Buffalo Americas Product Life Cycle Status Change Notice - BS-MP2008 & BS-MP2012 Business Switches

OpenSSH incorrectly handled signal management

OpenSSH incorrectly handled signal management