CVE-2023-51767

ADVISORY - nist

Summary

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

EPSS Score⁠: 0.00011 (0.010)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-other⁠

ADVISORY - redhat

CWE-287⁠

Improper Authentication

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.