UBUNTU-CVE-2023-51767
- Source
- https://ubuntu.com/security/CVE-2023-51767
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-51767.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2023-51767
- Upstream
- Withdrawn
- 2025-09-23T04:57:57Z
- Published
- 2023-12-24T07:15:00Z
- Modified
- 2025-09-08T16:56:37Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
- References
Affected packages
Ubuntu:22.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.9p1-3ubuntu0.13?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:8.*
1:8.4p1-6ubuntu2
1:8.7p1-2
1:8.7p1-2build1
1:8.7p1-4
1:8.8p1-1
1:8.9p1-3
1:8.9p1-3ubuntu0.1
1:8.9p1-3ubuntu0.3
1:8.9p1-3ubuntu0.4
1:8.9p1-3ubuntu0.5
1:8.9p1-3ubuntu0.6
1:8.9p1-3ubuntu0.7
1:8.9p1-3ubuntu0.10
1:8.9p1-3ubuntu0.11
1:8.9p1-3ubuntu0.13
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:8.9p1-3ubuntu0.13"
},
{
"binary_name": "openssh-server",
"binary_version": "1:8.9p1-3ubuntu0.13"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:8.9p1-3ubuntu0.13"
},
{
"binary_name": "openssh-tests",
"binary_version": "1:8.9p1-3ubuntu0.13"
},
{
"binary_name": "ssh",
"binary_version": "1:8.9p1-3ubuntu0.13"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:8.9p1-3ubuntu0.13"
}
]
}openssh-ssh1
Package
- Name
- openssh-ssh1
- Purl
- pkg:deb/ubuntu/openssh-ssh1@1:7.5p1-13?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:14.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:6.6p1-2ubuntu2.13+esm2?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:6.*
1:6.2p2-6
1:6.2p2-6ubuntu1
1:6.4p1-1
1:6.4p1-2
1:6.5p1-1
1:6.5p1-2
1:6.5p1-3
1:6.5p1-4
1:6.5p1-6
1:6.6p1-1
1:6.6p1-2
1:6.6p1-2ubuntu1
1:6.6p1-2ubuntu2
1:6.6p1-2ubuntu2.2
1:6.6p1-2ubuntu2.3
1:6.6p1-2ubuntu2.4
1:6.6p1-2ubuntu2.6
1:6.6p1-2ubuntu2.7
1:6.6p1-2ubuntu2.8
1:6.6p1-2ubuntu2.10
1:6.6p1-2ubuntu2.11
1:6.6p1-2ubuntu2.12
1:6.6p1-2ubuntu2.13
1:6.6p1-2ubuntu2.13+esm1
1:6.6p1-2ubuntu2.13+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:6.6p1-2ubuntu2.13+esm2"
},
{
"binary_name": "openssh-server",
"binary_version": "1:6.6p1-2ubuntu2.13+esm2"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:6.6p1-2ubuntu2.13+esm2"
},
{
"binary_name": "ssh",
"binary_version": "1:6.6p1-2ubuntu2.13+esm2"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:6.6p1-2ubuntu2.13+esm2"
},
{
"binary_name": "ssh-krb5",
"binary_version": "1:6.6p1-2ubuntu2.13+esm2"
}
]
}Ubuntu:Pro:16.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.2p2-4ubuntu2.10+esm7?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:6.*
1:6.9p1-2
1:6.9p1-3
1:7.*
1:7.1p1-1
1:7.1p1-3
1:7.1p1-4
1:7.1p1-6
1:7.1p2-1
1:7.1p2-2
1:7.2p1-1
1:7.2p2-1
1:7.2p2-2
1:7.2p2-3
1:7.2p2-4
1:7.2p2-4ubuntu1
1:7.2p2-4ubuntu2.1
1:7.2p2-4ubuntu2.2
1:7.2p2-4ubuntu2.4
1:7.2p2-4ubuntu2.5
1:7.2p2-4ubuntu2.6
1:7.2p2-4ubuntu2.7
1:7.2p2-4ubuntu2.8
1:7.2p2-4ubuntu2.10
1:7.2p2-4ubuntu2.10+esm1
1:7.2p2-4ubuntu2.10+esm2
1:7.2p2-4ubuntu2.10+esm3
1:7.2p2-4ubuntu2.10+esm4
1:7.2p2-4ubuntu2.10+esm5
1:7.2p2-4ubuntu2.10+esm6
1:7.2p2-4ubuntu2.10+esm7
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
},
{
"binary_name": "openssh-client-ssh1",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
},
{
"binary_name": "openssh-server",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
},
{
"binary_name": "ssh",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
},
{
"binary_name": "ssh-krb5",
"binary_version": "1:7.2p2-4ubuntu2.10+esm7"
}
]
}Ubuntu:Pro:18.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.6p1-4ubuntu0.7+esm4?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:7.*
1:7.5p1-10
1:7.6p1-4
1:7.6p1-4ubuntu0.1
1:7.6p1-4ubuntu0.2
1:7.6p1-4ubuntu0.3
1:7.6p1-4ubuntu0.5
1:7.6p1-4ubuntu0.6
1:7.6p1-4ubuntu0.7
1:7.6p1-4ubuntu0.7+esm1
1:7.6p1-4ubuntu0.7+esm2
1:7.6p1-4ubuntu0.7+esm3
1:7.6p1-4ubuntu0.7+esm4
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:7.6p1-4ubuntu0.7+esm4"
},
{
"binary_name": "openssh-server",
"binary_version": "1:7.6p1-4ubuntu0.7+esm4"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:7.6p1-4ubuntu0.7+esm4"
},
{
"binary_name": "ssh",
"binary_version": "1:7.6p1-4ubuntu0.7+esm4"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:7.6p1-4ubuntu0.7+esm4"
}
]
}openssh-ssh1
Package
- Name
- openssh-ssh1
- Purl
- pkg:deb/ubuntu/openssh-ssh1@1:7.5p1-10?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:20.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.2p1-4ubuntu0.13?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:8.*
1:8.0p1-6build1
1:8.1p1-1
1:8.1p1-5
1:8.2p1-4
1:8.2p1-4ubuntu0.1
1:8.2p1-4ubuntu0.2
1:8.2p1-4ubuntu0.3
1:8.2p1-4ubuntu0.4
1:8.2p1-4ubuntu0.5
1:8.2p1-4ubuntu0.7
1:8.2p1-4ubuntu0.8
1:8.2p1-4ubuntu0.9
1:8.2p1-4ubuntu0.10
1:8.2p1-4ubuntu0.11
1:8.2p1-4ubuntu0.12
1:8.2p1-4ubuntu0.13
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:8.2p1-4ubuntu0.13"
},
{
"binary_name": "openssh-server",
"binary_version": "1:8.2p1-4ubuntu0.13"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:8.2p1-4ubuntu0.13"
},
{
"binary_name": "openssh-tests",
"binary_version": "1:8.2p1-4ubuntu0.13"
},
{
"binary_name": "ssh",
"binary_version": "1:8.2p1-4ubuntu0.13"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:8.2p1-4ubuntu0.13"
}
]
}openssh-ssh1
Package
- Name
- openssh-ssh1
- Purl
- pkg:deb/ubuntu/openssh-ssh1@1:7.5p1-11build1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:FIPS-updates:18.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.9p1-10~ubuntu18.04.fips.0.10?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:7.*
1:7.9p1-10~ubuntu18.04.fips.0.1
1:7.9p1-10~ubuntu18.04.fips.0.2
1:7.9p1-10~ubuntu18.04.fips.0.3
1:7.9p1-10~ubuntu18.04.fips.0.4
1:7.9p1-10~ubuntu18.04.fips.0.5
1:7.9p1-10~ubuntu18.04.fips.0.6
1:7.9p1-10~ubuntu18.04.fips.0.7
1:7.9p1-10~ubuntu18.04.fips.0.8
1:7.9p1-10~ubuntu18.04.fips.0.9
1:7.9p1-10~ubuntu18.04.fips.0.10
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "openssh-client-hmac",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "openssh-server",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "openssh-server-hmac",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "openssh-tests",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "ssh",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.10"
}
]
}Ubuntu:Pro:FIPS-updates:20.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.2p1-4ubuntu0.fips.0.13?arch=source&distro=fips-updates/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:8.*
1:8.2p1-4ubuntu0.fips.0.2.1
1:8.2p1-4ubuntu0.fips.0.4.0
1:8.2p1-4ubuntu0.fips.0.5.0
1:8.2p1-4ubuntu0.fips.0.7
1:8.2p1-4ubuntu0.fips.0.8
1:8.2p1-4ubuntu0.fips.0.9
1:8.2p1-4ubuntu0.fips.0.10
1:8.2p1-4ubuntu0.fips.0.11
1:8.2p1-4ubuntu0.fips.0.12
1:8.2p1-4ubuntu0.fips.0.13
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.13"
},
{
"binary_name": "openssh-server",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.13"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.13"
},
{
"binary_name": "openssh-tests",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.13"
},
{
"binary_name": "ssh",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.13"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.13"
}
]
}Ubuntu:Pro:FIPS:16.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.2p2-4ubuntu2.fips.2.10.7?arch=source&distro=fips-updates/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:7.*
1:7.2p2-4ubuntu2.fips.2.2.3
1:7.2p2-4ubuntu2.fips.2.4.1
1:7.2p2-4ubuntu2.fips.2.4.2
1:7.2p2-4ubuntu2.fips.2.8.1
1:7.2p2-4ubuntu2.fips.2.10.1
1:7.2p2-4ubuntu2.fips.2.10.2
1:7.2p2-4ubuntu2.fips.2.10.3
1:7.2p2-4ubuntu2.fips.2.10.4
1:7.2p2-4ubuntu2.fips.2.10.5
1:7.2p2-4ubuntu2.fips.2.10.6
1:7.2p2-4ubuntu2.fips.2.10.7
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "openssh-client-hmac",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "openssh-client-ssh1",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "openssh-server",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "openssh-server-hmac",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "ssh",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
},
{
"binary_name": "ssh-krb5",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.7"
}
]
}openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.2p2-4ubuntu2.fips.2.10.1?arch=source&distro=fips/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:7.*
1:7.2p2-4ubuntu2.fips.2.2
1:7.2p2-4ubuntu2.fips.2.2.1
1:7.2p2-4ubuntu2.fips.2.10.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "openssh-client-hmac",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "openssh-client-ssh1",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "openssh-server",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "openssh-server-hmac",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "ssh",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
},
{
"binary_name": "ssh-krb5",
"binary_version": "1:7.2p2-4ubuntu2.fips.2.10.1"
}
]
}Ubuntu:Pro:FIPS:18.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:7.9p1-10~ubuntu18.04.fips.0.2?arch=source&distro=fips/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "openssh-client-hmac",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "openssh-server",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "openssh-server-hmac",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "openssh-tests",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "ssh",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:7.9p1-10~ubuntu18.04.fips.0.2"
}
]
}Ubuntu:Pro:FIPS:20.04:LTS
openssh
Package
- Name
- openssh
- Purl
- pkg:deb/ubuntu/openssh@1:8.2p1-4ubuntu0.fips.0.2.1?arch=source&distro=fips/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "openssh-client",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.2.1"
},
{
"binary_name": "openssh-server",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.2.1"
},
{
"binary_name": "openssh-sftp-server",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.2.1"
},
{
"binary_name": "openssh-tests",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.2.1"
},
{
"binary_name": "ssh",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.2.1"
},
{
"binary_name": "ssh-askpass-gnome",
"binary_version": "1:8.2p1-4ubuntu0.fips.0.2.1"
}
]
}