Lucene search

K

[email protected]NVD:CVE-2023-51767

HistoryDec 24, 2023 - 7:15 a.m.

CVE-2023-51767

2023-12-2407:15:07

[email protected]

web.nvd.nist.gov

2

openssh vulnerability

row hammer attack

authentication bypass

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

20.2%

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

Affected configurations

NVD

Node

openbsdopenssh

Node

fedoraprojectfedoraMatch39

Node

redhatenterprise_linuxMatch8.0

OR

redhatenterprise_linuxMatch9.0

References

access.redhat.com/security/cve/CVE-2023-51767

arxiv.org/abs/2309.02545

bugzilla.redhat.com/show_bug.cgi?id=2255850

github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77

github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878

security.netapp.com/advisory/ntap-20240125-0006/

ubuntu.com/security/CVE-2023-51767

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

20.2%

Related for NVD:CVE-2023-51767

prion1 f51 wolfi1 redhatcve1 cgr1 ibm1 cvelist1 alpinelinux1 ubuntucve1 openvas1 osv1 debiancve1 cbl_mariner1 cve1 nessus4