OpenSSH Security Update (MINDBREEZE31597)

ID: MINDBREEZE31597  
Affected Components: Mindbreeze InSpire <= 24.3 Hotfix 1 
Severity: 8.1 High 
Status: Final 
First published: September 04, 2024 
CVEs: CVE-2024-6387 

Summary

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

On the Mindbreeze help website you find instructions to mitigate Mindbreeze InSpire installations prior to 24.3 Hotfix 2.

 

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

  • Mindbreeze InSpire Release 24.3 Hotfix 2
  • Mindbreeze InSpire SaaS Release 24.3 Hotfix 2