Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close


Published: 1 July 2024

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

From the Ubuntu Security Team

It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials.


Priority reason:
Potential remote code execution
openssh-ssh1 is provided for compatibility with old
devices that cannot be upgraded to modern protocols. Thus we may
not provide security support for this package if doing so would
prevent access to equipment.
introduced in upstream commit 752250caa ("upstream: revised
log infrastructure for OpenSSH", 2020-10-16) (v8.5p1)
essentially a regression of CVE-2006-5051
Because of a quirk of the 24.04/noble patch to allow
systemd socket activation, it is believed that that release is
not vulnerable to the exploitation approach taken by Qualys.


Set LoginGraceTime to 0 in /etc/ssh/sshd_config. This makes sshd
vulnerable to a denial of service (the exhaustion of all MaxStartups
connections), but it makes it safe from this vulnerability.



Cvss 3 Severity Score


Score breakdown


Package Release Status
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(introduced in v8.5p1)
focal Not vulnerable
(introduced in v8.5p1)
Released (1:8.9p1-3ubuntu0.10)
Released (1:9.3p1-1ubuntu3.6)
Released (1:9.6p1-3ubuntu13.3)
trusty Not vulnerable
(introduced in v8.5p1)
upstream Pending
xenial Not vulnerable
(introduced in v8.5p1)
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(introduced in v8.5p1)
focal Not vulnerable
(introduced in v8.5p1)
jammy Not vulnerable
(introduced in v8.5p1)
mantic Not vulnerable
(introduced in v8.5p1)
noble Not vulnerable
(introduced in v8.5p1)
upstream Ignored
(frozen on openssh 7.5p)

Severity score breakdown

Parameter Value
Base score 8.1
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H