EUVD-2017-9592

Malware in sbrugna...

pam: allowing unprivileged user to block another user namespace

A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with pamnamespace configured will cause the openat in protectdir to...

CLSA-2024-1713333823 Fix CVE(s): CVE-2024-22365

Backport 031bb5a5d0d950253b68138b498dc93be69a64cb: fix CVE-2024-22365 - debian/patches-applied/CVE-2024-22365.patch: pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations - CVE-2024-22365...

ALPINE-CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

DEBIAN-CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

PT-2024-1375

Name of the Vulnerable Software and Affected Versions linux-pam versions prior to 1.6.0 Description The issue is related to the protect dir function in the pam namespace module of Linux-PAM, which is associated with incorrect resource cleanup or release. This can allow a remote attacker to cause ...

ZPanel 10.0.0.2 Remote Command Execution Vulnerability

ZPanel version 10.0.0.2 suffers from a remote root command execution vulnerability. One of our expert team members email protected who is assigned to do the security audit of ZPanel code has found the follwoing security vulnerability with ZPanel 10.0.0.2 which will allow anyone to escalate the ro...