VYPR
High severity7.5NVD Advisory· Published Jul 2, 2024· Updated Apr 15, 2026

CVE-2024-39894

CVE-2024-39894

Description

OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.