CVE-2025-40287 exfat: fix improper check of dentry.stream.valid_size

In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.validsize We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service DoS condition. When a dentry in an exFAT filesystem is malformed, the following syst...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-22365)

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

EUVD-2024-19924

Malicious code in bioql PyPI...

CLSA-2025-1749571114 pam: Fix of 2 CVEs

CVE-2024-10041: fix possibility of leakage of secret information stored in memory - CVE-2024-22365: fix potential DoS via mkfifo because the openat call lacks ODIRECTORY...

CLSA-2025-1749570465 pam: Fix of 2 CVEs

CVE-2024-10041: fix possibility of leakage of secret information stored in memory - CVE-2024-22365: fix potential DoS via mkfifo because the openat call lacks ODIRECTORY...

Configure Audit Rules for File Access Failures

System calls, such as open, truncate, ftruncate, create and openat, are audited and monitored. If the -EACCES or -EPERM error is returned, you lack the permission to access the files. In this case, audit logs need to be recorded. File access failures due to a lack of proper permissions are common...

CBL Mariner 2.0 Security Update: pam (CVE-2024-22365)

The version of pam installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22365 advisory. - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-2621)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : pam (EulerOS-SA-2024-2045)

According to the versions of the pam packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

EulerOS 2.0 SP12 : pam (EulerOS-SA-2024-1747)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

EulerOS Virtualization 2.11.1 : pam (EulerOS-SA-2024-1614)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the opena...

EulerOS Virtualization 2.10.0 : pam (EulerOS-SA-2024-1534)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the opena...

Denial Of Service (DoS)

linux-pam is vulnerable to a denial of service. The vulnerability is due to attackers being able to cause a blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PAM vulnerability (USN-6588-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6588-2 advisory. USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu...

EulerOS 2.0 SP10 : pam (EulerOS-SA-2024-1322)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

EulerOS 2.0 SP11 : pam (EulerOS-SA-2024-1221)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...

ALPINE-CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

AZL-34156 CVE-2024-22365 affecting package pam for versions less than 1.5.1-6

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...