Lucene search
OracleLinuxELSA-2024-3163HistoryMay 23, 2024 - 12:00 a.m.
pam security update
2024-05-2300:00:00
linux.oracle.com
39
pam
security
update
cve-2024-22365
rhel-21242
access control
bcrypt
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
[1.3.1-33]
- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS
situations. CVE-2024-22365. Resolves: RHEL-21242
[1.3.1-32] - pam_access: handle hostnames in access.conf. Resolves: RHEL-3374
[1.3.1-31] - pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-19810
[1.3.1-30] - pam_unix: enable bcrypt. Resolves: RHEL-5057
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.src.rpm |
| oracle linux | 8 | src | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.src.rpm |
| oracle linux | 8 | aarch64 | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | pam-devel | < 1.3.1-33.el8 | pam-devel-1.3.1-33.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | pam-devel | < 1.3.1-33.el8 | pam-devel-1.3.1-33.el8.aarch64.rpm |
| oracle linux | 8 | src | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.src.rpm |
| oracle linux | 8 | src | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.src.rpm |
| oracle linux | 8 | i686 | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.i686.rpm |
| oracle linux | 8 | i686 | pam | < 1.3.1-33.el8 | pam-1.3.1-33.el8.i686.rpm |
Related
cvelist
cvelist
CVE-2024-22365
2024-02-06 00:00:00
nessus
nessus
EulerOS 2.0 SP12 : pam (EulerOS-SA-2024-1770)
2024-05-30 00:00:00
SUSE SLES12 Security Update : pam (SUSE-SU-2024:0137-1)
2024-01-19 00:00:00
EulerOS 2.0 SP12 : pam (EulerOS-SA-2024-1747)
2024-05-30 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0137-1)
2024-01-19 00:00:00
Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1770)
2024-05-30 00:00:00
Mageia: Security Advisory (MGASA-2024-0030)
2024-02-09 00:00:00
osv
osv
Moderate: pam security update
2024-06-14 13:59:16
CVE-2024-22365
2024-02-06 08:15:52
Moderate: pam security update
2024-04-30 00:00:00
redhat
redhat
(RHSA-2024:3163) Moderate: pam security update
2024-05-22 06:35:47
(RHSA-2024:2438) Moderate: pam security update
2024-04-30 06:15:42
nvd
nvd
CVE-2024-22365
2024-02-06 08:15:52
ubuntu
ubuntu
PAM vulnerability
2024-03-26 00:00:00
PAM vulnerability
2024-01-17 00:00:00
slackware
slackware
[slackware-security] pam
2024-01-26 21:03:08
cbl_mariner
cbl_mariner
CVE-2024-22365 affecting package pam for versions less than 1.5.1-6
2024-04-09 20:48:36
redhatcve
redhatcve
CVE-2024-22365
2024-01-19 12:04:26
cve
cve
CVE-2024-22365
2024-02-06 08:15:52
alpinelinux
alpinelinux
CVE-2024-22365
2024-02-06 08:15:52
rocky
rocky
pam security update
2024-06-14 13:59:16
amazon
amazon
Low: pam
2024-02-01 19:57:00
mageia
mageia
Updated pam packages fix a security vulnerability
2024-02-09 04:34:03
veracode
veracode
Denial Of Service (DoS)
2024-04-10 17:16:30
oraclelinux
oraclelinux
pam security update
2024-05-03 00:00:00
cloudfoundry
cloudfoundry
USN-6588-1: PAM vulnerability | Cloud Foundry
2024-02-29 00:00:00
ubuntucve
ubuntucve
CVE-2024-22365
2024-01-17 00:00:00
almalinux
almalinux
Moderate: pam security update
2024-04-30 00:00:00
Moderate: pam security update
2024-05-22 00:00:00
prion
prion
Code injection
2024-02-06 08:15:00
debiancve
debiancve
CVE-2024-22365
2024-02-06 08:15:52
vulnrichment
vulnrichment
CVE-2024-22365
2024-02-06 00:00:00
redos
redos
ROS-20240409-14
2024-04-09 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-4.0-0554
2024-01-20 00:00:00
Moderate Photon OS Security Update - PHSA-2024-5.0-0193
2024-01-19 00:00:00
Moderate Photon OS Security Update - PHSA-2024-3.0-0714
2024-01-18 00:00:00
ibm
ibm
Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.
2024-07-16 12:17:30
hp
hp
HP ThinPro 8.0 SP 9 Security Updates
2024-06-17 00:00:00
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for ELSA-2024-3163