Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update: pam #1349

Open
dongsupark opened this issue Feb 7, 2024 · 2 comments
Open

update: pam #1349

dongsupark opened this issue Feb 7, 2024 · 2 comments
Labels
advisory security advisory cvss/HIGH > 7 && < 9 assessed CVSS security security concerns

Comments

@dongsupark
Copy link
Member

dongsupark commented Feb 7, 2024

Name: pam
CVEs: CVE-2024-22365, CVE-2024-10041, CVE-2024-10963
CVSSs: 5.5, 4.7, 7.4
Action Needed: update to >= 1.7.0 ?

Summary:

  • CVE-2024-22365: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
  • CVE-2024-10041: The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. (NOTE: Enforced SELinux can mitigate the issue)
  • CVE-2024-10963: A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control.

refmap.gentoo:

@dongsupark dongsupark added security security concerns advisory security advisory labels Feb 7, 2024
@dongsupark dongsupark moved this from 📝 Needs Triage to 🪵Backlog in Flatcar tactical, release planning, and roadmap Feb 7, 2024
@dongsupark dongsupark added the cvss/MEDIUM >= 4 && < 7 assessed CVSS label Feb 14, 2024
@tormath1
Copy link
Contributor

@dongsupark dongsupark added cvss/HIGH > 7 && < 9 assessed CVSS and removed cvss/MEDIUM >= 4 && < 7 assessed CVSS labels Nov 8, 2024
@dongsupark
Copy link
Member Author

Added CVE-2024-10963

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
advisory security advisory cvss/HIGH > 7 && < 9 assessed CVSS security security concerns
Projects
Development

No branches or pull requests

2 participants