The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems;
![regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server | Qualys Security Blog](https://cdn-ak-scissors.b.st-hatena.com/image/square/301e9b8f5b0abfb0527a1dcc5095d1e5ebc8714f/height=288;version=1;width=512/https%3A%2F%2Fik.imagekit.io%2Fqualys%2Fwp-content%2Fuploads%2F2024%2F06%2FQ-regreSSHion-1200x628-1-1070x560.jpg)