Severity: Unknown
Affected Package: openssh
Summary: OpenSSH row hammer attack
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
Specific versions:
No specific recommendations provided.
Aliases: CVE-2023-51767
Published: December 27, 2023
Last Modified: December 27, 2023