Ubuntu Security Notice USN-6588-1

Ubuntu Security Notice USN-6588-1
2024-1-19 00:7:43 Author: packetstormsecurity.com(查看原文) 阅读量:6 收藏

==========================================================================
Ubuntu Security Notice USN-6588-1
January 17, 2024pam vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
PAM could be made to stop responding if it opened a specially crafted file.
Software Description:
- pam: Pluggable Authentication Modules
Details:
Matthias Gerstner discovered that the PAM pam_namespace module incorrectly
handled special files when performing directory checks. A local attacker
could possibly use this issue to cause PAM to stop responding, resulting in
a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
   libpam-modules                  1.5.2-6ubuntu1.1
Ubuntu 23.04:
   libpam-modules                  1.5.2-5ubuntu1.1
Ubuntu 22.04 LTS:
   libpam-modules                  1.4.0-11ubuntu2.4
Ubuntu 20.04 LTS:
   libpam-modules                  1.3.1-5ubuntu4.7
In general, a standard system update will make all the necessary changes.
References:
   https://ubuntu.com/security/notices/USN-6588-1
   CVE-2024-22365
Package Information:
   https://launchpad.net/ubuntu/+source/pam/1.5.2-6ubuntu1.1
   https://launchpad.net/ubuntu/+source/pam/1.5.2-5ubuntu1.1
   https://launchpad.net/ubuntu/+source/pam/1.4.0-11ubuntu2.4
   https://launchpad.net/ubuntu/+source/pam/1.3.1-5ubuntu4.7

文章来源: https://packetstormsecurity.com/files/176635/USN-6588-1.txt
如有侵权请联系:admin#unsafe.sh