JVN iPedia http://jvndb.jvn.jp Advisory JVNDB-2024-004050 OpenBSD の OpenSSH 等複数ベンダの製品には、競合状態に関する脆弱性が存在します。 cpe:/a:netapp:e-series_santricity_os_controller cpe:/a:netapp:ontap_select_deploy_administration_utility cpe:/a:netapp:ontap_tools cpe:/a:openbsd:openssh cpe:/a:redhat:openshift_container_platform cpe:/o:amazon:linux_2023 cpe:/o:canonical:ubuntu_linux cpe:/o:debian:debian_linux cpe:/o:freebsd:freebsd cpe:/o:netbsd:netbsd cpe:/o:redhat:enterprise_linux cpe:/o:redhat:enterprise_linux_eus cpe:/o:redhat:enterprise_linux_for_arm_64 cpe:/o:redhat:enterprise_linux_for_arm_64_eus cpe:/o:redhat:enterprise_linux_for_ibm_z_systems cpe:/o:redhat:enterprise_linux_for_ibm_z_systems_eus cpe:/o:redhat:enterprise_linux_for_power_little_endian cpe:/o:redhat:enterprise_linux_for_power_little_endian_eus cpe:/o:redhat:enterprise_linux_server_aus cpe:/o:suse:linux_enterprise_micro https://jvndb.jvn.jp/ja/contents/2024/JVNDB-2024-004050.html Common Vulnerabilities and Exposures (CVE) CVE-2024-6387 https://www.cve.org/CVERecord?id=CVE-2024-6387 National Vulnerability Database (NVD) CVE-2024-6387 https://nvd.nist.gov/vuln/detail/CVE-2024-6387 JVNDB CWE-362 https://jvndb.jvn.jp/ja/cwe/CWE-362.html 関連文書 security.netapp.com (ntap-20240701-0001) https://security.netapp.com/advisory/ntap-20240701-0001/ 関連文書 www.openwall.com (oss-security/2024/07/04/2) http://www.openwall.com/lists/oss-security/2024/07/04/2 関連文書 www.splunk.com (cve-2024-6387-regresshion-vulnerability) https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html 関連文書 explore.alas.aws.amazon.com (CVE-2024-6387) https://explore.alas.aws.amazon.com/CVE-2024-6387.html 関連文書 github.com (issues/87) https://github.com/rapier1/hpn-ssh/issues/87 関連文書 www.openwall.com (oss-security/2024/07/03/1) http://www.openwall.com/lists/oss-security/2024/07/03/1 関連文書 sig-security.rocky.page (CVE-2024-6387) https://sig-security.rocky.page/issues/CVE-2024-6387/ 関連文書 access.redhat.com (RHSA-2024:4312) https://access.redhat.com/errata/RHSA-2024:4312 関連文書 www.suse.com (CVE-2024-6387) https://www.suse.com/security/cve/CVE-2024-6387.html 関連文書 forum.vmssoftware.com (viewtopic.php?f=8&t=9132) https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132 関連文書 github.com (cve-2024-6387-poc) https://github.com/zgzhang/cve-2024-6387-poc 関連文書 www.openwall.com (oss-security/2024/07/03/11) http://www.openwall.com/lists/oss-security/2024/07/03/11 関連文書 stackdiary.com (openssh-race-condition-in-sshd-allows-remote-code-execution) https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/ 関連文書 access.redhat.com (RHSA-2024:4340) https://access.redhat.com/errata/RHSA-2024:4340 関連文書 www.theregister.com (regresshion_openssh) https://www.theregister.com/2024/07/01/regresshion_openssh/ 関連文書 ftp.netbsd.org (NetBSD-SA2024-002.txt.asc) https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc 関連文書 lists.mindrot.org (000158) https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html 関連文書 www.openwall.com (oss-security/2024/07/03/2) http://www.openwall.com/lists/oss-security/2024/07/03/2 関連文書 ubuntu.com (CVE-2024-6387) https://ubuntu.com/security/CVE-2024-6387 関連文書 access.redhat.com (CVE-2024-6387) https://access.redhat.com/security/cve/CVE-2024-6387 関連文書 github.com (issues/629) https://github.com/AlmaLinux/updates/issues/629 関連文書 lists.mindrot.org (041431) https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html 関連文書 www.openwall.com (oss-security/2024/07/03/3) http://www.openwall.com/lists/oss-security/2024/07/03/3 関連文書 ubuntu.com (USN-6859-1) https://ubuntu.com/security/notices/USN-6859-1 関連文書 archlinux.org (the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1) https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/ 関連文書 github.com (issues/4379) https://github.com/Azure/AKS/issues/4379 関連文書 news.ycombinator.com (40843778) https://news.ycombinator.com/item?id=40843778 関連文書 www.openwall.com (oss-security/2024/07/03/4) http://www.openwall.com/lists/oss-security/2024/07/03/4 関連文書 www.freebsd.org (FreeBSD-SA-24:04.openssh.asc) https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc 関連文書 arstechnica.com (regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux) https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/ 関連文書 github.com (discussions/2248) https://github.com/PowerShell/Win32-OpenSSH/discussions/2248 関連文書 www.openwall.com (oss-security/2024/07/01/12) http://www.openwall.com/lists/oss-security/2024/07/01/12 関連文書 psirt.global.sonicwall.com (SNWLID-2024-0010) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010 関連文書 www.openwall.com (oss-security/2024/07/03/5) http://www.openwall.com/lists/oss-security/2024/07/03/5 関連文書 www.openssh.com (release-9.8) https://www.openssh.com/txt/release-9.8 関連文書 blog.qualys.com (regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server) https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server 関連文書 github.com (issues/2249) https://github.com/PowerShell/Win32-OpenSSH/issues/2249 関連文書 security-tracker.debian.org (CVE-2024-6387) https://security-tracker.debian.org/tracker/CVE-2024-6387 関連文書 www.openwall.com (oss-security/2024/07/04/1) http://www.openwall.com/lists/oss-security/2024/07/04/1 関連文書 www.qualys.com (regresshion.txt) https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt 関連文書 bugzilla.redhat.com (2294604) https://bugzilla.redhat.com/show_bug.cgi?id=2294604 関連文書 github.com (issues/9555) https://github.com/microsoft/azurelinux/issues/9555 関連文書 www.openwall.com (oss-security/2024/07/01/13) http://www.openwall.com/lists/oss-security/2024/07/01/13 関連文書 github.com (issues/149) https://github.com/oracle/oracle-linux/issues/149 関連文書 www.openwall.com (oss-security/2024/07/02/1) http://www.openwall.com/lists/oss-security/2024/07/02/1 2024-07-08T14:27:18+09:00 2024-07-08T14:27:18+09:00