Security Advisory Description OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. (CVE-2023-51767) Impact An attacker may be able to exploit this vulnerability, leading to disclosure of sensitive information, loss of data integrity, or a denial-of-service…Read More