CVE-2024-6387 Informational Bulletin: Impact of OpenSSH regreSSHion Vulnerability

Informational

Published: 2024-07-01
Updated: 2024-07-03
Discovered: externally

Description

The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-6387, known as "regreSSHion", as it relates to our products.

The SSH features in PAN-OS are not affected by CVE-2024-6387.

At present, no other Palo Alto Networks products are known to contain the vulnerable software packages and be impacted by these issues.

Protecting our customers is our highest priority. Palo Alto Networks and its Unit 42 threat research team are closely monitoring all developments. More information can be found in the Unit 42 threat brief: https://unit42.paloaltonetworks.com/threat-brief-cve-2024-6387-openssh/

CVE Summary

CVE-2024-6387: A signal handler race condition was found in OpenSSH's server (sshd). If a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

Product Status

Versions         Affected    Unaffected
Cloud NGFW       None        All
PAN-OS           None        All
Prisma Access    None        All

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of these issues in any of our products.

Weakness Type

CWE-364 Signal Handler Race Condition

Solution

No software updates are required at this time.

Timeline

2024-07-03    Added link to Unit 42 threat brief
2024-07-01    Initial publication
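
The handler pattern named in the CVE summary, shown in its async-signal-safe form as an added example (not OpenSSH or Palo Alto Networks code): the SIGALRM handler only sets a flag, and logging happens after the wait returns. The names wait_for_auth, safe_on_alarm and grace_expired are hypothetical, and the pipe in main() is a constructed input.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <signal.h>
#include <sys/select.h>
#include <syslog.h>
#include <unistd.h>

static volatile sig_atomic_t grace_expired;
/* The handler only records that the timer fired. Calling syslog() here,
 * as in the CVE summary, is what is not async-signal-safe. */
static void safe_on_alarm(int signo) { (void)signo; grace_expired = 1; }

/* Hypothetical helper: wait up to grace_s seconds for pre-auth data on fd.
 * Returns 1 if data is ready, 0 if the grace period expired, -1 on error. */
int wait_for_auth(int fd, unsigned grace_s)
{
    struct sigaction sa = { .sa_handler = safe_on_alarm };
    sigset_t block, orig, waitmask;
    fd_set rfds;
    int ready;
    sigemptyset(&sa.sa_mask);
    if (grace_s == 0 || sigaction(SIGALRM, &sa, NULL) < 0) return -1;
    /* SIGALRM stays blocked except inside pselect(), which unblocks it
     * atomically, so the timer cannot fire between the check and the wait. */
    sigemptyset(&block);
    sigaddset(&block, SIGALRM);
    sigprocmask(SIG_BLOCK, &block, &orig);
    waitmask = orig;
    sigdelset(&waitmask, SIGALRM);
    grace_expired = 0;
    alarm(grace_s);
    do {
        FD_ZERO(&rfds);
        FD_SET(fd, &rfds);
        ready = pselect(fd + 1, &rfds, NULL, NULL, NULL, &waitmask);
    } while (ready < 0 && errno == EINTR && !grace_expired);
    alarm(0);
    sigprocmask(SIG_SETMASK, &orig, NULL);
    if (ready > 0) return 1;
    if (!grace_expired) return -1;
    syslog(LOG_INFO, "timeout before authentication"); /* normal context */
    return 0;
}

int main(void)
{
    int p[2]; /* constructed case: a pipe whose writer never sends */
    return (pipe(p) == 0 && wait_for_auth(p[0], 1) == 0) ? 0 : 1;
}
```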