Row Hammer Attack Vulnerability in OpenSSH by OpenBSD
CVE-2023-51767
7 HIGH
What is CVE-2023-51767?
A vulnerability in OpenSSH, affecting versions up to 9.6, may allow row hammer attacks because of how an integer is handled in the authentication process. The issue arises when certain types of DRAM are in use, where a single-bit flip may enable authentication bypass. It is relevant in a threat model where the attacker and victim share the same physical environment and the attacker has user privileges.
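
The following added example (not OpenSSH code and not part of the advisory) shows why an integer authentication flag does not resist a single-bit flip, and contrasts it with a fault-hardening pattern that encodes the two states as constants 32 bits apart. All function names and constants are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names and constants for illustration; not OpenSSH identifiers. */
#define NAIVE_DENIED 0u          /* classic flag: 0 = no, non-zero = yes */
#define HARD_GRANTED 0x3CA5965Au /* constructed constant */
#define HARD_DENIED  0xC35A69A5u /* bitwise complement of HARD_GRANTED */

/* Naive check: any non-zero value is treated as "authenticated". */
static int naive_accepts(uint32_t flag) { return flag != 0; }

/* Hardened check: only the exact success constant is accepted. */
static int hard_accepts(uint32_t flag) { return flag == HARD_GRANTED; }

/* A value matching neither constant means the flag was corrupted. */
static int hard_corrupt(uint32_t flag) {
    return flag != HARD_GRANTED && flag != HARD_DENIED;
}

/* Number of differing bits between two values. */
static int hamming(uint32_t a, uint32_t b) {
    int n = 0;
    for (uint32_t x = a ^ b; x != 0; x >>= 1)
        n += (int)(x & 1u);
    return n;
}

/* Try every single-bit flip of `start`; count how many satisfy `pred`. */
static int count_flips(uint32_t start, int (*pred)(uint32_t)) {
    int n = 0;
    for (int bit = 0; bit < 32; bit++)
        n += pred(start ^ (UINT32_C(1) << bit)) ? 1 : 0;
    return n;
}

int main(void) {
    printf("naive: %d of 32 flips grant access\n",
           count_flips(NAIVE_DENIED, naive_accepts));
    printf("hardened: %d of 32 flips grant access\n",
           count_flips(HARD_DENIED, hard_accepts));
    printf("hardened: %d of 32 flips detected as corruption\n",
           count_flips(HARD_DENIED, hard_corrupt));
    printf("distance denied->granted: %d bits\n",
           hamming(HARD_DENIED, HARD_GRANTED));
    return 0;
}
```

With the hardened encoding, a value that matches neither constant should be handled as a hard failure and logged, not silently treated as "denied".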