CVE-2023-51767

Published Dec 24, 2023

Last updated 7 days ago

CVSS high 7.0

Overview

Description
OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. NOTE: this is disputed by the Supplier, who states "we do not consider it to be the application's responsibility to defend against platform architectural weaknesses."
Source
cve@mitre.org
NVD status
Modified
CNA Tags
disputed
Products
openssh, fedora, enterprise_linux

Risk scores

CVSS 3.1

Type
Primary
Base score
7
Impact score
5.9
Exploitability score
1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
NVD-CWE-Other

Social media

Hype score
Not currently trending

  1. CVE-2023-51767: a bogus CVE in OpenSSH https://t.co/WsbFBhiEm0 based on paper "Mayhem: Targeted Corruption of Register and Stack Variables" by Adiletta, et al., and now (informally) disputed by OpenSSH upstream

    @oss_security

    22 Sept 2025

    193 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  2. [21,22,143,2083,2086,2087,2096],"tags":["starttls"],"vulns":["CVE-2019-16905","CVE-2020-15778","CVE-2007-2768","CVE-2025-26465","CVE-2020-14145","CVE-2023-51385","CVE-2023-51767","CVE-2021-36368","CVE-2021-41617","CVE-2016-20012","CVE-2008-3844","CVE-2023-48795"]} # DEAR ELON

    @BishopXecu74134

    24 May 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.