CVE-2024-6387: regreSSHion (OpenSSH RCE)
What is regreSSHion?
regreSSHion is a signal handler race condition in the OpenSSH server (sshd) that allows unauthenticated remote code execution as root. It is a regression of CVE-2006-5051, reintroduced when async-signal-unsafe functions were added to the SIGALRM handler.
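The handler pattern described above, as an added C example that is not sshd's code or part of the original page: a SIGALRM handler that calls an async-signal-unsafe function (syslog() is used here for illustration) beside a hardened handler that only sets a flag. The names grace_expired, unsafe_alarm_handler, safe_alarm_handler and wait_for_grace_timeout are assumptions made for this example.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <syslog.h>
#include <unistd.h>

/* Written by the handler, polled in normal context (hypothetical name). */
static volatile sig_atomic_t grace_expired = 0;

/* UNSAFE, for contrast, never installed: syslog() is not async-signal-safe
 * and may call malloc()/free() while the interrupted code is inside them. */
void unsafe_alarm_handler(int sig)
{
    (void)sig;
    syslog(LOG_INFO, "grace time exceeded");
    _exit(1);
}

/* Hardened: record the event in a sig_atomic_t flag and return. */
static void safe_alarm_handler(int sig) { (void)sig; grace_expired = 1; }

/* Returns 1 once the timer fired and was handled, -1 on setup error. */
int wait_for_grace_timeout(unsigned int seconds)
{
    struct sigaction sa = {0};
    sigset_t block, old, waitmask;

    sa.sa_handler = safe_alarm_handler;
    sigemptyset(&sa.sa_mask);
    if (seconds == 0 || sigaction(SIGALRM, &sa, NULL) != 0)
        return -1;
    /* Block SIGALRM while testing the flag so a wake-up cannot be lost. */
    sigemptyset(&block);
    sigaddset(&block, SIGALRM);
    sigprocmask(SIG_BLOCK, &block, &old);
    waitmask = old;
    sigdelset(&waitmask, SIGALRM);
    grace_expired = 0;
    alarm(seconds);
    while (!grace_expired)
        sigsuspend(&waitmask);  /* atomically unblock SIGALRM and sleep */
    sigprocmask(SIG_SETMASK, &old, NULL);
    syslog(LOG_INFO, "grace time exceeded");  /* normal context: safe */
    return 1;
}

int main(void) { return wait_for_grace_timeout(1) == 1 ? 0 : 1; }
```

The logging call moves out of the handler and into normal context, so the allocator is never re-entered from a signal.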
Impact & Exploitation
Over 14 million potentially vulnerable OpenSSH instances were identified on the internet. This is the first unauthenticated RCE in OpenSSH in 18 years, and it affects default sshd configurations.
How Precogs AI Detects regreSSHion (OpenSSH RCE)
Precogs AI Binary SAST detects signal handler race conditions in compiled network daemons and identifies vulnerable OpenSSH versions in firmware and container base images.