First published: Sun Dec 24 2023(Updated: )
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Openbsd Openssh | ||
Fedoraproject Fedora | =39 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
debian/openssh | <=1:7.9p1-10+deb10u2<=1:7.9p1-10+deb10u4<=1:8.4p1-5+deb11u3<=1:9.2p1-2+deb12u2<=1:9.6p1-4<=1:9.7p1-4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.