Lucene search
F5F5:K000138643HistoryFeb 17, 2024 - 12:00 a.m.
K000138643 : OpenSSH vulnerability CVE-2023-51767
2024-02-1700:00:00
my.f5.com
41
openssh
vulnerability
row hammer attack
authentication bypass
sensitive information disclosure
data integrity loss
denial-of-service
Security Advisory Description
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. (CVE-2023-51767)
Impact
An attacker may be able to exploit this vulnerability, leading to disclosure of sensitive information, loss of data integrity, or a denial-of-service (DoS).
Related
prion
prion
Design/Logic Flaw
2023-12-24 07:15:00
wolfi
wolfi
CVE-2023-51767 vulnerabilities
2024-06-24 09:08:26
redhatcve
redhatcve
CVE-2023-51767
2023-12-25 21:01:41
nvd
nvd
CVE-2023-51767
2023-12-24 07:15:07
cgr
cgr
CVE-2023-51767 vulnerabilities
2024-05-19 03:07:16
ibm
ibm
Security Bulletin: IBM QRadar SIEM is not vulnerable to CVE-2023-51767
2024-05-15 17:35:34
cvelist
cvelist
CVE-2023-51767
2023-12-24 00:00:00
ubuntucve
ubuntucve
CVE-2023-51767
2023-12-24 00:00:00
alpinelinux
alpinelinux
CVE-2023-51767
2023-12-24 07:15:07
openvas
openvas
OpenBSD OpenSSH <= 9.6 Authentication Bypass Vulnerability
2024-02-29 00:00:00
osv
osv
CVE-2023-51767
2023-12-24 07:15:07
debiancve
debiancve
CVE-2023-51767
2023-12-24 07:15:07
cbl_mariner
cbl_mariner
CVE-2023-51767 affecting package openssh for versions less than 1.9.4-1
2024-06-24 09:08:25
cve
cve
CVE-2023-51767
2023-12-24 07:15:07
nessus
nessus
RHEL 9 : openssh (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : openssh (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : openssh (Unpatched Vulnerability)
2024-06-03 00:00:00