USN-6887-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2024-39894 UBUNTU-CVE-2024-39894

Published: 09 Jul 2024, 14:04

Last modified:04 Feb 2026, 03:59

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

09 Jul 2024, 14:04

Published

Vulnerability first disclosed

04 Feb 2026, 03:59

Last Modified

Vulnerability information updated

Description

openssh vulnerability Philippos Giavridis, Jacky Wei En Kung, Daniel Hugenroth, and Alastair Beresford discovered that the OpenSSH ObscureKeystrokeTiming feature did not work as expected. A remote attacker could possibly use this issue to determine timing information about keystrokes.

Affected Systems

ubuntu•openssh
< 1:9.6p1-3ubuntu13.4

References (2)

https://ubuntu.com/security/notices/USN-6887-1
https://ubuntu.com/security/CVE-2024-39894