Information about vulnerability handling of CVE 2024-6387 on Open Enterprise Server.
Environment
Open Enterprise Server 2023 Open Enterprise Server 24.2 SUSE Linux Enterprise Server 15 SPx
Situation
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.