OpenSSH through 9.6, when common types of DRAM are used,...
High severity
Unreviewed
Published
Dec 24, 2023
to the GitHub Advisory Database
•
Updated Mar 7, 2024
Description
Published by the National Vulnerability Database
Dec 24, 2023
Published to the GitHub Advisory Database
Dec 24, 2023
Last updated
Mar 7, 2024
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
References