CVE-2023-51767

Source
https://cve.org/CVERecord?id=CVE-2023-51767
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51767.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-51767
Downstream
Related
Published
2023-12-24T00:00:00Z
Modified
2026-07-08T07:07:52.622839354Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. NOTE: this is disputed by the Supplier, who states "we do not consider it to be the application's responsibility to defend against platform architectural weaknesses."

Database specific
{
    "unresolved_ranges": [
        {
            "source": "DESCRIPTION",
            "extracted_events": [
                {
                    "fixed": "10.0"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/51xxx/CVE-2023-51767.json",
    "cna_assigner": "mitre",
    "isDisputed": true
}
References

Affected packages

Git / github.com/openssh/openssh-portable

Affected ranges

Type
GIT
Repo
https://github.com/openssh/openssh-portable
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "8.0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "9.0"
        },
        {
            "last_affected": "9.0"
        }
    ]
}

Affected versions

8.*
8.0
9.*
9.0
Other
V_8_0_P1
V_8_1_P1
V_8_2_P1
V_8_4_P1
V_8_5_P1
V_8_6_P1
V_8_7_P1
V_8_8_P1
V_8_9_P1
V_9_0_P1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51767.json"