ASA-202407-1 log generated external raw

[ASA-202407-1] openssh: authentication bypass
Arch Linux Security Advisory ASA-202407-1 ========================================= Severity: High Date : 2024-07-01 CVE-ID : CVE-2024-6387 Package : openssh Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-2855 Summary ======= The package openssh before version 9.8p1-1 is vulnerable to authentication bypass. Resolution ========== Upgrade to 9.8p1-1. # pacman -Syu "openssh>=9.8p1-1" The problem has been fixed upstream in version 9.8p1. Workaround ========== Set LoginGraceTime to 0 in /etc/ssh/sshd_config. This makes sshd vulnerable to a denial of service (the exhaustion of all MaxStartups connections), but it makes it safe from this vulnerability. Description =========== A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). Impact ====== A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials. During upgrade, the sshd service must be restarted right away using the same connection to avoid being locked out. References ========== https://www.openwall.com/lists/oss-security/2024/07/01/3 https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt https://github.com/openssh/openssh-portable/commit/81c1099d22b81ebfd20a334ce986c4f753b0db29 https://security.archlinux.org/CVE-2024-6387

[ASA-202407-1] openssh: authentication bypass

Arch Linux Security Advisory ASA-202407-1 ========================================= Severity: High Date : 2024-07-01 CVE-ID : CVE-2024-6387 Package : openssh Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-2855 Summary ======= The package openssh before version 9.8p1-1 is vulnerable to authentication bypass. Resolution ========== Upgrade to 9.8p1-1. # pacman -Syu "openssh>=9.8p1-1" The problem has been fixed upstream in version 9.8p1. Workaround ========== Set LoginGraceTime to 0 in /etc/ssh/sshd_config. This makes sshd vulnerable to a denial of service (the exhaustion of all MaxStartups connections), but it makes it safe from this vulnerability. Description =========== A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). Impact ====== A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials. During upgrade, the sshd service must be restarted right away using the same connection to avoid being locked out. References ========== https://www.openwall.com/lists/oss-security/2024/07/01/3 https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt https://github.com/openssh/openssh-portable/commit/81c1099d22b81ebfd20a334ce986c4f753b0db29 https://security.archlinux.org/CVE-2024-6387