UBUNTU-CVE-2023-51767
- Source
- https://ubuntu.com/security/CVE-2023-51767
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-51767.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-51767
- Upstream
- Withdrawn
- 2025-07-08T10:46:53Z
- Published
- 2023-12-24T07:15:00Z
- Modified
- 2025-07-08T14:32:28.262206Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- - medium
- Summary
- [none]
- Details
-
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:6.6p1-2ubuntu2.13+esm2?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:6.*
1:6.2p2-6
1:6.2p2-6ubuntu1
1:6.4p1-1
1:6.4p1-2
1:6.5p1-1
1:6.5p1-2
1:6.5p1-3
1:6.5p1-4
1:6.5p1-6
1:6.6p1-1
1:6.6p1-2
1:6.6p1-2ubuntu1
1:6.6p1-2ubuntu2
1:6.6p1-2ubuntu2.2
1:6.6p1-2ubuntu2.3
1:6.6p1-2ubuntu2.4
1:6.6p1-2ubuntu2.6
1:6.6p1-2ubuntu2.7
1:6.6p1-2ubuntu2.8
1:6.6p1-2ubuntu2.10
1:6.6p1-2ubuntu2.11
1:6.6p1-2ubuntu2.12
1:6.6p1-2ubuntu2.13
1:6.6p1-2ubuntu2.13+esm1
1:6.6p1-2ubuntu2.13+esm2
Ubuntu:Pro:16.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.2p2-4ubuntu2.10+esm7?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:6.*
1:6.9p1-2
1:6.9p1-3
1:7.*
1:7.1p1-1
1:7.1p1-3
1:7.1p1-4
1:7.1p1-6
1:7.1p2-1
1:7.1p2-2
1:7.2p1-1
1:7.2p2-1
1:7.2p2-2
1:7.2p2-3
1:7.2p2-4
1:7.2p2-4ubuntu1
1:7.2p2-4ubuntu2.1
1:7.2p2-4ubuntu2.2
1:7.2p2-4ubuntu2.4
1:7.2p2-4ubuntu2.5
1:7.2p2-4ubuntu2.6
1:7.2p2-4ubuntu2.7
1:7.2p2-4ubuntu2.8
1:7.2p2-4ubuntu2.10
1:7.2p2-4ubuntu2.10+esm1
1:7.2p2-4ubuntu2.10+esm2
1:7.2p2-4ubuntu2.10+esm3
1:7.2p2-4ubuntu2.10+esm4
1:7.2p2-4ubuntu2.10+esm5
1:7.2p2-4ubuntu2.10+esm6
1:7.2p2-4ubuntu2.10+esm7
Ubuntu:Pro:FIPS:16.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.2p2-4ubuntu2.fips.2.10.7?arch=source&distro=fips-updates/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:7.*
1:7.2p2-4ubuntu2.fips.2.2.3
1:7.2p2-4ubuntu2.fips.2.4.1
1:7.2p2-4ubuntu2.fips.2.4.2
1:7.2p2-4ubuntu2.fips.2.8.1
1:7.2p2-4ubuntu2.fips.2.10.1
1:7.2p2-4ubuntu2.fips.2.10.2
1:7.2p2-4ubuntu2.fips.2.10.3
1:7.2p2-4ubuntu2.fips.2.10.4
1:7.2p2-4ubuntu2.fips.2.10.5
1:7.2p2-4ubuntu2.fips.2.10.6
1:7.2p2-4ubuntu2.fips.2.10.7
Ubuntu:Pro:FIPS:16.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.2p2-4ubuntu2.fips.2.10.1?arch=source&distro=fips/xenial
Ubuntu:Pro:18.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.6p1-4ubuntu0.7+esm4?arch=source&distro=esm-infra/bionic
Ubuntu:Pro:18.04:LTS / openssh-ssh1
Package
- Name
- openssh-ssh1
- Purl
- pkg:deb/ubuntu/openssh-ssh1@1:7.5p1-10?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:FIPS-updates:18.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.9p1-10~ubuntu18.04.fips.0.10?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:7.*
1:7.9p1-10~ubuntu18.04.fips.0.1
1:7.9p1-10~ubuntu18.04.fips.0.2
1:7.9p1-10~ubuntu18.04.fips.0.3
1:7.9p1-10~ubuntu18.04.fips.0.4
1:7.9p1-10~ubuntu18.04.fips.0.5
1:7.9p1-10~ubuntu18.04.fips.0.6
1:7.9p1-10~ubuntu18.04.fips.0.7
1:7.9p1-10~ubuntu18.04.fips.0.8
1:7.9p1-10~ubuntu18.04.fips.0.9
1:7.9p1-10~ubuntu18.04.fips.0.10
Ubuntu:Pro:FIPS:18.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.9p1-10~ubuntu18.04.fips.0.2?arch=source&distro=fips/bionic
Ubuntu:Pro:20.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.2p1-4ubuntu0.13?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:8.*
1:8.0p1-6build1
1:8.1p1-1
1:8.1p1-5
1:8.2p1-4
1:8.2p1-4ubuntu0.1
1:8.2p1-4ubuntu0.2
1:8.2p1-4ubuntu0.3
1:8.2p1-4ubuntu0.4
1:8.2p1-4ubuntu0.5
1:8.2p1-4ubuntu0.7
1:8.2p1-4ubuntu0.8
1:8.2p1-4ubuntu0.9
1:8.2p1-4ubuntu0.10
1:8.2p1-4ubuntu0.11
1:8.2p1-4ubuntu0.12
1:8.2p1-4ubuntu0.13
Ubuntu:Pro:20.04:LTS / openssh-ssh1
Package
- Name
- openssh-ssh1
- Purl
- pkg:deb/ubuntu/openssh-ssh1@1:7.5p1-11build1?arch=source&distro=esm-apps/focal
Ubuntu:Pro:FIPS-updates:20.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.2p1-4ubuntu0.fips.0.13?arch=source&distro=fips-updates/focal
Ubuntu:Pro:FIPS:20.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.2p1-4ubuntu0.fips.0.2.1?arch=source&distro=fips/focal
Ubuntu:22.04:LTS / openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.9p1-3ubuntu0.13?arch=source&distro=jammy