Palo Alto Security Center, 2024-07-04
CVE-2024-6387 Informational Bulletin: Impact of OpenSSH regreSSHion Vulnerability (Severity: NONE)

 

Palo Alto Networks has evaluated CVE-2024-6387 (known as "regreSSHion"), a signal handler race condition in the OpenSSH server (sshd). Its PAN-OS, Cloud NGFW and Prisma Access products are not affected, and no other Palo Alto Networks product is currently known to contain the vulnerable software packages. Palo Alto Networks continues to monitor the issue and will publish updates as they become available.

😄 **Vulnerability description:** CVE-2024-6387 is in the OpenSSH server (sshd). If a client has not authenticated within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), sshd's SIGALRM handler runs asynchronously. That handler calls functions that are not async-signal-safe, for example syslog(), which is what makes the race exploitable in principle.

🤔 **Scope of impact:** PAN-OS, Cloud NGFW and Prisma Access are not affected. No other Palo Alto Networks product is currently known to contain the vulnerable software packages.

💪 **Solution:** No software update is required at this time. Palo Alto Networks continues to monitor the issue and will publish updates as they become available.

🛡️ **Security recommendation:** Keep systems and software up to date and follow Palo Alto Networks security advisories. Note that this bulletin covers only Palo Alto Networks products; hosts that run their own OpenSSH sshd are outside its scope and should be assessed against the OpenSSH project's guidance.

🌐 **More information:** See the Unit 42 threat brief: https://unit42.paloaltonetworks.com/threat-brief-cve-2024-6387-openssh/

Palo Alto Networks Security Advisories / CVE-2024-6387

**CVE-2024-6387 Informational Bulletin: Impact of OpenSSH regreSSHion Vulnerability**

Severity: Informational
Published: 2024-07-01. Updated: 2024-07-03.
Reference: NVD, JSON
Discovered: externally

**Description**

The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-6387, known as "regreSSHion", as it relates to our products.

The SSH features in PAN-OS are not affected by CVE-2024-6387.

At present, no other Palo Alto Networks products are known to contain the vulnerable software packages and be impacted by these issues.

Protecting our customers is our highest priority. Palo Alto Networks and its Unit 42 threat research team are closely monitoring all developments. More information can be found in the Unit 42 threat brief: https://unit42.paloaltonetworks.com/threat-brief-cve-2024-6387-openssh/

**CVE Summary**

CVE-2024-6387: A signal handler race condition was found in OpenSSH's server (sshd). If a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

**Product Status**

| Product | Affected versions | Unaffected versions |
| --- | --- | --- |
| Cloud NGFW | None | All |
| PAN-OS | None | All |
| Prisma Access | None | All |

**Exploitation Status**

Palo Alto Networks is not aware of any malicious exploitation of these issues in any of our products.

**Weakness Type**

CWE-364 Signal Handler Race Condition

**Solution**

No software updates are required at this time.

**Timeline**

2024-07-03: Added link to Unit 42 threat brief
2024-07-01: Initial publication
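The vulnerability description and the CVE summary above both come down to one coding rule: a signal handler must not call functions that are not async-signal-safe. The following C program is an added illustration of that rule, not code from the Palo Alto Networks advisory or from OpenSSH itself. It shows the unsafe shape (a SIGALRM handler that calls syslog() and exit(), the class of bug described above, kept here only for contrast and never installed) next to the safe shape, where the handler only sets a volatile sig_atomic_t flag and all logging happens on the main path once the flag is observed. The grace period in milliseconds, the 10 ms poll interval and the auth_never/auth_always stand-ins for the authentication step are constructed for this example; a real sshd uses LoginGraceTime in seconds.

```c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/time.h>
#include <syslog.h>
#include <time.h>

/* Flag shared between the SIGALRM handler and the main loop. Writing a
 * volatile sig_atomic_t is the only thing the safe handler does. */
static volatile sig_atomic_t grace_expired = 0;

/* UNSAFE shape (illustrative only, never installed below): the handler logs
 * and exits. syslog() and exit() are not async-signal-safe, so if SIGALRM
 * lands while the interrupted code is inside malloc()/free() or libc's own
 * buffers, the handler re-enters that state. This is the class of bug the
 * advisory text describes. */
static void grace_alarm_unsafe(int sig)
{
    (void)sig;
    syslog(LOG_INFO, "Timeout before authentication"); /* not signal-safe */
    exit(255);                                          /* not signal-safe */
}

/* SAFE shape: set a flag and return. Nothing else. */
static void grace_alarm_safe(int sig)
{
    (void)sig;
    grace_expired = 1;
}

/* Install the safe handler and start a one-shot real-time timer. */
static int arm_grace_timer(unsigned ms)
{
    struct sigaction sa;
    struct itimerval it;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = grace_alarm_safe;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGALRM, &sa, NULL) != 0)
        return -1;
    memset(&it, 0, sizeof it);                 /* it_interval = 0: one shot */
    it.it_value.tv_sec = ms / 1000;
    it.it_value.tv_usec = (ms % 1000) * 1000;
    return setitimer(ITIMER_REAL, &it, NULL);
}

static void disarm_grace_timer(void)
{
    struct itimerval zero;
    memset(&zero, 0, sizeof zero);
    setitimer(ITIMER_REAL, &zero, NULL);
}

/* Poll try_auth() until it succeeds (returns 1) or the grace timer fires
 * (returns 0). Returns -1 if the timer could not be armed. This plays the
 * role of LoginGraceTime: give up on clients that never authenticate. */
int wait_for_auth_ms(unsigned grace_ms, int (*try_auth)(void))
{
    struct timespec tick = { 0, 10 * 1000 * 1000 }; /* constructed: 10 ms poll */
    grace_expired = 0;
    if (arm_grace_timer(grace_ms) != 0)
        return -1;
    for (;;) {
        if (grace_expired) {
            /* Logging happens here, on the main path, not in the handler. */
            syslog(LOG_INFO, "Timeout before authentication (%u ms)", grace_ms);
            return 0;
        }
        if (try_auth()) {
            disarm_grace_timer();
            return 1;
        }
        nanosleep(&tick, NULL); /* EINTR on SIGALRM is fine: we re-check the flag */
    }
}

/* Constructed stand-ins for the authentication step. */
int auth_never(void)  { return 0; }
int auth_always(void) { return 1; }

int main(void)
{
    (void)grace_alarm_unsafe; /* shown for contrast, deliberately not installed */
    printf("client that never authenticates: %d\n", wait_for_auth_ms(200, auth_never));
    printf("client that authenticates at once: %d\n", wait_for_auth_ms(200, auth_always));
    return 0;
}
```

The difference that matters is not the timer but what runs inside the handler: in the safe version the only memory the handler touches is a single sig_atomic_t, and the syslog() call is made by the main loop after it sees the flag, where no libc state is being interrupted.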


Related tags

CVE-2024-6387, OpenSSH, security vulnerability, Palo Alto Networks