Описание
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | |
| esm-infra-legacy/trusty | ignored | |
| esm-infra/bionic | ignored | |
| esm-infra/focal | ignored | |
| esm-infra/xenial | ignored | |
| fips-updates/bionic | ignored | |
| fips-updates/focal | ignored | |
| fips-updates/xenial | ignored | |
| fips/bionic | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | |
| esm-apps/bionic | ignored | |
| esm-apps/focal | ignored | |
| esm-apps/jammy | ignored | |
| focal | ignored | |
| jammy | ignored | |
| lunar | ignored | end of life, was ignored [2024-01-02] |
| mantic | ignored | |
| trusty | DNE |
Показывать по
EPSS
7 High
CVSS3
Связанные уязвимости
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
OpenSSH through 9.6, when common types of DRAM are used, might allow r ...
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
Уязвимость функции mm_answer_authpassword() cредства криптографической защиты OpenSSH, позволяющая нарушителю реализовать атаку Rowhammer и обойти процедуру аутентификации
EPSS
7 High
CVSS3