2 matches found
The vulnerability of the mm-answer-authpassword() function in the OpenSSH cryptographic protection mechanism allows a hacker to execute the Rowhammer attack and bypass the authentication process.
The vulnerability of the mm-answer-authpassword function in the OpenSSH cryptographic protection mechanism is related to deficiencies in the authentication process. This vulnerability arises when an operation exceeds the buffer boundaries in memory, resulting in bit manipulation errors. Exploitin...
CVE-2023-51767
OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...