
CVE-2024-6387 Informational Bulletin: Impact of OpenSSH regreSSHion Vulnerability



The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-6387, known as "regreSSHion", as it relates to our products.

The SSH features in PAN-OS are not affected by CVE-2024-6387.

At present, no other Palo Alto Networks products are known to contain the vulnerable software packages and be impacted by these issues.

Protecting our customers is our highest priority. Palo Alto Networks and its Unit 42 threat research team are closely monitoring all developments. More information can be found in the Unit 42 threat brief:

CVE-2024-6387: A signal handler race condition was found in OpenSSH's server (sshd): if a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().
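The handler pattern described above, shown as an added example that is not taken from this bulletin or from OpenSSH: an unsafe SIGALRM handler beside an async-signal-safe one that only sets a flag, with logging moved to normal context. The names grace_alarm_unsafe, grace_alarm_safe and wait_for_auth are hypothetical, and a readable byte on a descriptor stands in for authentication.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <sys/select.h>
#include <syslog.h>
#include <unistd.h>

/* Unsafe form, for contrast only and never installed: syslog() is not
 * async-signal-safe, so it must not run inside a signal handler. */
void grace_alarm_unsafe(int sig) { (void)sig; syslog(LOG_INFO, "grace timer expired"); }

/* Safe form: the handler only sets a volatile sig_atomic_t flag. */
static volatile sig_atomic_t grace_expired;
static void grace_alarm_safe(int sig) { (void)sig; grace_expired = 1; }

/* Hypothetical helper: a readable byte on fd stands in for authentication.
 * Returns 1 if it arrives in time, 0 on grace timeout, -1 on error. */
int wait_for_auth(int fd, unsigned grace_seconds)
{
    struct sigaction sa = {0}, old_sa;
    sigset_t block, old_mask, wait_mask;
    fd_set rfds;
    int rc, err;

    sa.sa_handler = grace_alarm_safe;
    sigemptyset(&sa.sa_mask);
    sigemptyset(&block);
    sigaddset(&block, SIGALRM);
    if (sigaction(SIGALRM, &sa, &old_sa) == -1) return -1;
    /* Keep SIGALRM blocked except inside pselect(), so the signal cannot
     * be lost between arming the timer and starting to wait. */
    if (sigprocmask(SIG_BLOCK, &block, &old_mask) == -1) { sigaction(SIGALRM, &old_sa, NULL); return -1; }
    wait_mask = old_mask;
    sigdelset(&wait_mask, SIGALRM);
    grace_expired = 0;
    alarm(grace_seconds);
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    rc = pselect(fd + 1, &rfds, NULL, NULL, NULL, &wait_mask);
    err = errno;
    alarm(0);
    sigprocmask(SIG_SETMASK, &old_mask, NULL); /* a late SIGALRM reaches the safe handler */
    sigaction(SIGALRM, &old_sa, NULL);
    if (rc > 0) return 1;
    if (rc != -1 || err != EINTR || !grace_expired) return -1;
    syslog(LOG_INFO, "grace timer expired"); /* logged in normal context, not in the handler */
    return 0;
}
```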

Product Status

Product          Affected    Unaffected
Cloud NGFW       None        All
PAN-OS           None        All
Prisma Access    None        All

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of these issues in any of our products.

Weakness Type

CWE-364 Signal Handler Race Condition


No software updates are required at this time.


Added link to Unit 42 threat brief
Initial publication