Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-2621)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

linux-pam is vulnerable to a denial of service. The vulnerability is due to attackers being able to cause a blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PAM vulnerability (USN-6588-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6588-2 advisory. USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu...

EulerOS 2.0 SP11 : pam (EulerOS-SA-2024-1243)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

EulerOS 2.0 SP11 : pam (EulerOS-SA-2024-1221)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

Code injection

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

kernel: nfs_atomic_open() returns uninitialized data instead of ENOTDIR

A flaw was found in the Linux kernel. When an application tries to open a directory using the ODIRECTORY flag in a mounted NFS filesystem, a lookup operation is performed. If the NFS server returns a file as a result of the lookup, the NFS filesystem returns an uninitialized file descriptor inste...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5384-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5384-1 advisory. It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations...