


Community Manager
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
02-26-2025
06:57 AM
Summary
A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler executes in the context of the sshd(8)'s privileged code, which is not sandboxed and runs with full root privileges.
Products Potentially Affected
OS/Product |
Exposure |
ExtremeCloud IQ Controller (IQC/XCC) |
Yes |
Repair Recommendations
- Fixed in 10.12.1 or later.
Please see the full Security Advisory article here for more details and future updates.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.