CVE-2024-7589

Summary

CVE-2024-7589 is a newly identified vulnerability in the sshd(8) service of FreeBSD's OpenSSH implementation. The issue lies in a signal handler that is not async-signal-safe and is invoked when a client fails to authenticate within the specified LoginGraceTime. This handler, which runs in the privileged sshd(8) context, executes functions that are not designed for use in signal handlers, creating a race condition. An attacker with the ability to cause a client authentication failure could potentially exploit this vulnerability to execute arbitrary code with root privileges. This issue shares similarities with CVE-2024-6387, also related to the OpenSSH integration of blacklistd in FreeBSD. Both vulnerabilities underscore the importance of ensuring that all functions called in signal handlers are async-signal-safe and carefully managing the execution of privileged code.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.