update: pam #1349

dongsupark · 2024-02-07T15:09:58Z

Name: pam
CVEs: CVE-2024-22365
CVSSs: 5.5
Action Needed: update to >= 1.6.1

Summary: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

refmap.gentoo: https://bugs.gentoo.org/922397

dongsupark added security security concerns advisory security advisory cvss/MEDIUM >= 4 && < 7 assessed CVSS labels Feb 7, 2024

github-actions bot mentioned this issue Feb 22, 2024

Monthly contributions report 2024-01-22 - 2024-02-21 #1369

Closed

github-actions bot mentioned this issue Mar 22, 2024

Monthly contributions report 2024-02-22 - 2024-03-21 #1398

Closed

github-actions bot mentioned this issue Apr 22, 2024

Monthly contributions report 2024-03-22 - 2024-04-21 #1435

Closed

github-actions bot mentioned this issue May 22, 2024

Monthly contributions report 2024-04-22 - 2024-05-21 #1451

Closed

github-actions bot mentioned this issue Jun 22, 2024

Monthly contributions report 2024-05-22 - 2024-06-21 #1477

Closed

markafarrell mentioned this issue Jun 25, 2024

Upgrade to linux-pam-1.5.3-r1 flatcar/scripts#2049

Merged

2 tasks

github-actions bot mentioned this issue Jul 22, 2024

Monthly contributions report 2024-06-22 - 2024-07-21 #1497

Open

github-actions bot mentioned this issue Aug 22, 2024

Monthly contributions report 2024-07-22 - 2024-08-21 #1519

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update: pam #1349

update: pam #1349

dongsupark commented Feb 7, 2024 •

edited

Loading

update: pam #1349

update: pam #1349

Comments

dongsupark commented Feb 7, 2024 • edited Loading

dongsupark commented Feb 7, 2024 •

edited

Loading