CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22365 – pam: allowing unprivileged user to block another user namespace
https://notcve.org/view.php?id=CVE-2024-22365
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. linux-pam (también conocido como Linux PAM) anterior a 1.6.0 permite a los atacantes provocar una denegación de servicio (proceso de inicio de sesión bloqueado) a través de mkfifo porque la llamada openat (para protect_dir) carece de O_DIRECTORY. A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with ~/tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with `pam_namespace` configured will cause the `openat()` in `protect_dir()` to block the attempt, causing a local denial of service. • http://www.openwall.com/lists/oss-security/2024/01/18/3 https://github.com/linux-pam/linux-pam https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0 https://access.redhat.com/security/cve/CVE-2024-22365 https://bugzilla.redhat.com/show_bug.cgi?id=2257722 • CWE-277: Insecure Inherited Permissions •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28321
https://notcve.org/view.php?id=CVE-2022-28321
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream. El paquete Linux-PAM versiones anteriores a 1.5.2-6.1 para openSUSE Tumbleweed, permite omitir la autenticación en los inicios de sesión SSH. • http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src https://bugzilla.suse.com/show_bug.cgi?id=1197654 https://www.suse.com/security/cve/CVE-2022-28321.html • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-17953 – pam_access does not handle netmask matches correctly
https://notcve.org/view.php?id=CVE-2018-17953
A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open). Una variable incorrecta en un parche específico de SUSE para la coincidencia de reglas pam_access en PAM 1.3.0 en openSUSE Leap 15.0 y SUSE Linux Enterprise 15 podría conducir a que las reglas de pam_access no se apliquen (fail open). • https://bugzilla.suse.com/show_bug.cgi?id=1115640 • CWE-284: Improper Access Control •