EulerOS 2.0 SP10 : pam (EulerOS-SA-2024-1322)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

EulerOS 2.0 SP11 : pam (EulerOS-SA-2024-1221)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

EulerOS 2.0 SP11 : pam (EulerOS-SA-2024-1243)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

ALPINE-CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

DEBIAN-CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

AZL-34156 CVE-2024-22365 affecting package pam for versions less than 1.5.1-6

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

AZL-35100 CVE-2024-22365 affecting package pam for versions less than 1.5.3-2

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Code injection

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

CVE-2024-22365

CVE-2024-22365 affects Linux PAM (pam) where an unprivileged user in a non-mount-namespace can place a FIFO and a subsequent login attempts via pam_namespace block on openat() due to missing O_DIRECTORY in protect_dir(), causing a local denial of service. A fix is available in newer pam packages ...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Low: pam

Issue Overview: A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with pamnamespace configured will cause the openat in...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Low: pam

Issue Overview: A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with pamnamespace configured will cause the openat in...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Amazon Linux 2023 : pam, pam-devel (ALAS2023-2024-502)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-502 advisory. A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attem...

Low: pam

Issue Overview: A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with pamnamespace configured will cause the openat in...