Description

A signal handler race condition in OpenSSH's server (sshd) allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems. This vulnerability affects sshd in its default configuration and is a regression of the previously patched vulnerability CVE-2006-5051.

Remediation

Upgrade OpenSSH to the latest version. This issue was fixed in OpenSSH version 9.8/9.8p1.
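One way to triage hosts against the fixed release named above, as an added example that is not part of the original advisory: the function `classify_openssh` and the sample strings are constructed for illustration. It compares only the upstream version number in `sshd -V` output or an SSH banner against 9.8.

```shell
#!/bin/sh
# Added example: classify OpenSSH version strings against the fixed
# release named in the remediation (9.8 / 9.8p1).
FIXED_MAJOR=9
FIXED_MINOR=8

# classify_openssh STRING -> prints: fixed | predates-fix | unknown
# STRING may be `sshd -V` / `ssh -V` output or an SSH identification banner.
classify_openssh() {
    # Extract "MAJOR MINOR" from the "OpenSSH_X.Y" token; the portable
    # suffix (p1, p2, ...) does not change the comparison with 9.8.
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p' |
        head -n 1)
    if [ -z "$ver" ]; then
        echo unknown        # not OpenSSH, or the banner was altered
        return 0
    fi
    major=${ver% *}
    minor=${ver#* }
    if [ "$major" -gt "$FIXED_MAJOR" ] ||
       { [ "$major" -eq "$FIXED_MAJOR" ] && [ "$minor" -ge "$FIXED_MINOR" ]; }; then
        echo fixed
    else
        echo predates-fix   # older than 9.8: check the vendor patch level
    fi
}

# Constructed sample inputs (not taken from any real host).
SAMPLES='SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13
SSH-2.0-OpenSSH_9.8
OpenSSH_8.9p1, OpenSSL 3.0.2 15 Mar 2022
SSH-2.0-dropbear_2022.83'

# Print one "<classification> <input>" row per sample line.
report_samples() {
    printf '%s\n' "$SAMPLES" | while IFS= read -r line; do
        printf '%-14s %s\n' "$(classify_openssh "$line")" "$line"
    done
}

report_samples
```

A `predates-fix` result is a prompt to check the installed package against the distribution's advisory, since vendors backport fixes without changing the upstream version number in the banner.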
