pam-1.5.1-19.el9
エラータID: AXSA:2024-7776:01
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* pam: allowing unprivileged user to block another user namespace (CVE-2024-22365)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the MIRACLE LINUX 9.4 Release Notes linked from the References section.
CVE-2024-22365
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
Update packages.
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
N/A
SRPMS
- pam-1.5.1-19.el9.src.rpm
MD5: b5e572517e70437f044ca3c1b7cfe69f
SHA-256: bee14e556459f00602200d9062676db518f1a7996faad877654a5397675b59f3
Size: 1.04 MB
Asianux Server 9 for x86_64
- pam-1.5.1-19.el9.i686.rpm
MD5: 85129bfb68d4e51061012f617bb0cba2
SHA-256: 383c60af95a2e02133ec0bdb15eae7fc32061437fa05a091f5e78699f724f4d2
Size: 568.68 kB - pam-1.5.1-19.el9.x86_64.rpm
MD5: 818de7e6de260ac37f5cabdf6dd17a47
SHA-256: e6494185d058db068213d3247e6d5a08c28e25820ce698cecedd72745d520d33
Size: 547.43 kB - pam-devel-1.5.1-19.el9.i686.rpm
MD5: 32f8387922fb7a9566624d54a672a0fb
SHA-256: 01d3cc45046f95096a07237fa9e0378d17424da904b92ce038174b9e4f2a5a43
Size: 140.16 kB - pam-devel-1.5.1-19.el9.x86_64.rpm
MD5: e5f0057a49c38664ffa73636537f42db
SHA-256: 36117de78df40a25f72fb89b5ed4f4b2e0ce4746a058a260a6e60ed0febb7667
Size: 140.17 kB - pam-docs-1.5.1-19.el9.x86_64.rpm
MD5: 8a8a5f0085431ee674f5361be8e83e57
SHA-256: d37564c75670390488ce380a009a10edd177f760f82fbaf2a06ea6645b27ee34
Size: 105.60 kB
日本語