Hi

Vulnerability scanners run at my company have detected the following 
vulnerability in the Cygwin sshd:

<https://dellinclabs.kennasecurity.com/vulnerabilities/341847636>
CVE-2024-6387    CVSS 3: 8.1

OpenSSH could allow a remote attacker to execute arbitrary code on the system, 
caused by a signal handler race condition. By sending a specially crafted 
request, an attacker could exploit this vulnerability to execute arbitrary code 
with root privileges on glibc-based Linux systems.

OpenSSH Vulnerability: CVE-2024-6387

  *   Published: 07-01-24 00:00
  *   Diagnosis:

A signal handler race condition was found in OpenSSH's server (sshd): if a 
client does not authenticate within LoginGraceTime seconds (120 by default, 600 
in old OpenSSH versions), sshd's SIGALRM handler is called asynchronously. 
However, this signal handler calls various functions that are not 
async-signal-safe, for example, syslog().

  *   Solution:

Upgrade to the latest version of OpenSSH

Download and apply the upgrade from: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH

The latest version of OpenSSH is 9.6.

While you can always build OpenSSH from source 
<http://www.openssh.com/portable.html>, many platforms and distributions 
provide pre-built binary packages for OpenSSH. These pre-built packages are 
usually customized and optimized for a particular distribution, therefore we 
recommend that you use the packages if they are available for your operating 
system.

Running SSH service
Product OpenSSH exists -- OpenBSD OpenSSH 9.8
Vulnerable version of product OpenSSH found -- OpenBSD OpenSSH 9.8
Vulnerable version of OpenSSH detected on Microsoft Windows

My Cygwin installation is using openssh 9.8p1-1 which, at this writing, is the 
latest available version.

What are the plans to address this vulnerability in Cygwin's openssh component?

Thanks
tl

Terry Lemons
Senior Principal Software Engineer, Dell EMC
Dell Technologies | Data Management
terry.lem...@dell.com

Internal Use - Confidential

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple
