{ "document": { "aggregate_severity": { "text": "High" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/tuxcare9.6esu/vex/2024/cve-2024-7589-els_os-tuxcare9_6esu.json" } ], "tracking": { "current_release_date": "2026-04-17T11:00:42Z", "generator": { "date": "2026-04-17T11:00:42Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2024-7589-ELS_OS-TUXCARE9.6ESU", "initial_release_date": "2024-08-12T13:38:00Z", "revision_history": [ { "date": "2024-08-12T13:38:00Z", "number": "1", "summary": "Initial version" }, { "date": "2026-04-10T19:27:09Z", "number": "2", "summary": "Official Publication" }, { "date": "2026-04-17T11:00:42Z", "number": "3", "summary": "Update document" } ], "status": "final", "version": "3" }, "title": "Security update on CVE-2024-7589" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "AlmaLinux 9.6", "product": { "name": "AlmaLinux 9.6", "product_id": "AlmaLinux-9.6", "product_identification_helper": { "cpe": "cpe:2.3:o:almalinux:almalinux:9.6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "AlmaLinux" } ], "category": "vendor", "name": "AlmaLinux OS Foundation" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Rocky Linux 9.6", "product": { "name": "Rocky Linux 9.6", "product_id": "Rocky Linux-9.6", "product_identification_helper": { "cpe": "cpe:2.3:o:resf:rocky_linux:9.6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Rocky Linux" } ], "category": "vendor", "name": "Rocky Linux" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product": { "name": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_id": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh@8.7p1-45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product": { "name": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_id": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh@8.7p1-45.el9.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product": { "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_id": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-clients@8.7p1-45.el9.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product": { "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_id": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-clients@8.7p1-45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/pam_ssh_agent_auth@0.10.4-5.45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/pam_ssh_agent_auth@0.10.4-5.45.el9.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product": { "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_id": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-keycat@8.7p1-45.el9.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product": { "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_id": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-keycat@8.7p1-45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product": { "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_id": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-sk-dummy@8.7p1-45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product": { "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_id": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-sk-dummy@8.7p1-45.el9.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product": { "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_id": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-server@8.7p1-45.el9.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product": { "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_id": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-server@8.7p1-45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product": { "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_id": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-askpass@8.7p1-45.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product": { "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_id": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssh-askpass@8.7p1-45.el9.tuxcare.els2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-7589", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler executes in the context of the sshd(8)'s privileged code, which is not sandboxed and runs with full root privileges.\n\nThis issue is another instance of the problem in CVE-2024-6387 addressed by FreeBSD-SA-24:04.openssh. The faulty code in this case is from the integration of blacklistd in OpenSSH in FreeBSD.\n\nAs a result of calling functions that are not async-signal-safe in the privileged sshd(8) context, a race condition exists that a determined attacker may be able to exploit to allow an unauthenticated remote code execution as root.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "other", "text": "TuxCare has assessed that this vulnerability does not impact any currently supported TuxCare products. This evaluation may change as new information becomes available. For additional details regarding this vulnerability and affected products, refer to the provided references.", "title": "Statement" } ], "product_status": { "known_not_affected": [ "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-7589" }, { "category": "external", "summary": "https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc", "url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-5051", "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6387", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6387" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20240816-0002/", "url": "https://security.netapp.com/advisory/ntap-20240816-0002/" } ], "release_date": "2024-08-12T13:38:00Z", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" }, { "category": "impact", "details": "important", "product_ids": [ "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "AlmaLinux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-askpass-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-clients-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-keycat-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-server-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:openssh-sk-dummy-0:8.7p1-45.el9.tuxcare.els2.x86_64", "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els1.x86_64", "Rocky Linux-9.6:pam_ssh_agent_auth-0:0.10.4-5.45.el9.tuxcare.els2.x86_64" ] } ] } ] }