The average time required to exploit the CVE-2024-6387 vulnerability in OpenSSH is estimated to be around 6-8 hours of continuous connections, according to OpenSSH's advisory. This estimation is based on successful exploitation attempts conducted under laboratory conditions on 32-bit Linux/glibc systems with address space layout randomization (ASLR) enabled.
The vulnerability CVE-2024-6387 affects OpenSSH versions 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component [6]. Additionally, OpenSSH versions earlier than 4.4p1 are vulnerable unless they are patched for CVE-2006-5051 and CVE-2008-4109.
CVE-2024-6387 allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems [1]. This race condition affects sshd in its default configuration, enabling attackers to execute arbitrary code with the highest privileges, potentially leading to full system compromise, data manipulation, and persistent access [2][4].
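
The version ranges given above can be applied as a triage check over SSH banners already collected from your own hosts. This is an added example, not code from the advisory or the OpenSSH project; the function names, status strings and sample banners are constructed, and a banner with no `p` suffix is assumed to be portable level 1.

```python
import re

# Boundaries from the text above, as (major, minor, patch, portable level).
OLD_FIXED = (4, 4, 0, 1)   # earlier than 4.4p1: vulnerable unless patched
REGRESSED = (8, 5, 0, 1)   # 8.5p1: first release in the affected range
FIXED = (9, 8, 0, 1)       # 9.8p1: first release outside the affected range

BANNER_RE = re.compile(
    r"^SSH-[\d.]+-OpenSSH_(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?")

def parse_version(banner):
    """Return (major, minor, patch, plevel) or None for non-OpenSSH banners."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    major, minor, patch, plevel = m.groups()
    # Assumption: a missing patch number is 0 and a missing "p" suffix is p1.
    return (int(major), int(minor), int(patch or 0), int(plevel or 1))

def classify_banner(banner):
    """Classify by advertised version only; backported fixes are invisible here."""
    version = parse_version(banner)
    if version is None:
        return "unknown"
    if version < OLD_FIXED:
        return "check-old-patches"   # needs CVE-2006-5051 and CVE-2008-4109 fixes
    if REGRESSED <= version < FIXED:
        return "affected-by-version"
    return "not-affected-by-version"

def triage(inventory):
    """Return (host, status) pairs, hosts that need follow-up first."""
    order = {"affected-by-version": 0, "check-old-patches": 1, "unknown": 2,
             "not-affected-by-version": 3}
    results = [(host, classify_banner(b)) for host, b in inventory.items()]
    return sorted(results, key=lambda r: (order[r[1]], r[0]))

# Constructed sample inventory (documentation addresses, made-up banners).
SAMPLE = {
    "192.0.2.10": "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13",
    "192.0.2.11": "SSH-2.0-OpenSSH_8.4p1 Debian-5",
    "192.0.2.12": "SSH-2.0-OpenSSH_9.8p1",
    "192.0.2.13": "SSH-1.99-OpenSSH_4.3p2",
    "192.0.2.14": "SSH-2.0-dropbear_2022.83",
    "192.0.2.15": "SSH-2.0-OpenSSH_6.6.1p1",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE):
        print(f"{host:12} {status}")
```

A banner reports only the upstream version string, so a distribution build with a backported fix still lands in `affected-by-version`; confirm those hosts against the installed package's changelog before treating them as exposed.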