Linux Pam

Do you want an email whenever new security vulnerabilities are reported in Linux Pam?

By the Year

In 2024 there have been 1 vulnerability in Linux Pam with an average score of 5.5 out of ten. Linux Pam did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2024 as compared to last year.

Year	Vulnerabilities	Average Score
2024	1	5.50
2023	0	0.00
2022	0	0.00
2021	0	0.00
2020	1	9.80
2019	0	0.00
2018	0	0.00

It may take a day or so for new Linux Pam vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Linux Pam Security Vulnerabilities

linux-pam (aka Linux PAM) before 1.6.0

CVE-2024-22365 5.5 - Medium - February 06, 2024

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users

CVE-2020-27780 9.8 - Critical - December 18, 2020

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.

authentification

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords

CVE-2015-3238 6.5 - Medium - August 24, 2015

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.

Information Disclosure

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories

CVE-2010-3435 - January 24, 2011

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might

CVE-2010-3431 - January 24, 2011

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might

CVE-2010-3430 - January 24, 2011

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program

CVE-2010-3316 - January 24, 2011

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Linux Pam or by Linux Pam? Click the Watch button to subscribe.

Linux Pam
Vendor

Linux Pam
Product

Linux Pam

By the Year

Recent Linux Pam Security Vulnerabilities

linux-pam (aka Linux PAM) before 1.6.0 CVE-2024-22365 5.5 - Medium - February 06, 2024

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users CVE-2020-27780 9.8 - Critical - December 18, 2020

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords CVE-2015-3238 6.5 - Medium - August 24, 2015

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories CVE-2010-3435 - January 24, 2011

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might CVE-2010-3431 - January 24, 2011

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might CVE-2010-3430 - January 24, 2011

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program CVE-2010-3316 - January 24, 2011