AZL-34156 CVE-2024-22365 affecting package pam for versions less than 1.5.1-6

🗓️ 06 Feb 2024 08:15:52Reported by GoogleType

osv🔗 osv.dev👁 3 Views

AZL-34156 CVE-2024-22365 affects linux-pam before 1.6.0 and pam before 1.5.1-6, enabling denial of service via mkfifo.

Reporter	Title	Published	Views	Family All 165
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to Insecure Inherited Permissions in the RHEL UBI (CVE-2024-22365)	27 Jun 202519:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna packages/liberaries.	17 Jun 202411:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	18 Aug 202514:17	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.	16 Jul 202412:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	23 Aug 202409:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway vulnerable to DoS (CVE-2024-22365)	28 Jan 202522:08	–	ibm
Tenable Nessus	Amazon Linux 2023 : pam, pam-devel (ALAS2023-2024-502)	6 Feb 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : pam (ALAS-2024-2435)	6 Feb 202400:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0137: pam (ALINUX3-SA-2024:0137)	14 May 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: pam (CVE-2024-22365)	10 Feb 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-22365

21 Apr 2026 04:27Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.5

EPSS0.00085