pam security update

2024-06-1413:59:16

Rockylinux Product Errata

errata.rockylinux.org

pam

security

update

rocky linux 8

cve-2024-22365

authentication

vulnerability

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

Low

JSON

An update is available for pam.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

pam: allowing unprivileged user to block another user namespace (CVE-2024-22365)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.10 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
rocky8aarch64pam< 1.3.1-33.el8pam-0:1.3.1-33.el8.aarch64.rpm
rocky8i686pam< 1.3.1-33.el8pam-0:1.3.1-33.el8.i686.rpm
rocky8x86_64pam< 1.3.1-33.el8pam-0:1.3.1-33.el8.x86_64.rpm
rocky8aarch64pam-debuginfo< 1.3.1-33.el8pam-debuginfo-0:1.3.1-33.el8.aarch64.rpm
rocky8i686pam-debuginfo< 1.3.1-33.el8pam-debuginfo-0:1.3.1-33.el8.i686.rpm
rocky8x86_64pam-debuginfo< 1.3.1-33.el8pam-debuginfo-0:1.3.1-33.el8.x86_64.rpm
rocky8aarch64pam-debugsource< 1.3.1-33.el8pam-debugsource-0:1.3.1-33.el8.aarch64.rpm
rocky8i686pam-debugsource< 1.3.1-33.el8pam-debugsource-0:1.3.1-33.el8.i686.rpm
rocky8x86_64pam-debugsource< 1.3.1-33.el8pam-debugsource-0:1.3.1-33.el8.x86_64.rpm
rocky8aarch64pam-devel< 1.3.1-33.el8pam-devel-0:1.3.1-33.el8.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	aarch64	pam	< 1.3.1-33.el8	pam-0:1.3.1-33.el8.aarch64.rpm
rocky	8	i686	pam	< 1.3.1-33.el8	pam-0:1.3.1-33.el8.i686.rpm
rocky	8	x86_64	pam	< 1.3.1-33.el8	pam-0:1.3.1-33.el8.x86_64.rpm
rocky	8	aarch64	pam-debuginfo	< 1.3.1-33.el8	pam-debuginfo-0:1.3.1-33.el8.aarch64.rpm
rocky	8	i686	pam-debuginfo	< 1.3.1-33.el8	pam-debuginfo-0:1.3.1-33.el8.i686.rpm
rocky	8	x86_64	pam-debuginfo	< 1.3.1-33.el8	pam-debuginfo-0:1.3.1-33.el8.x86_64.rpm
rocky	8	aarch64	pam-debugsource	< 1.3.1-33.el8	pam-debugsource-0:1.3.1-33.el8.aarch64.rpm
rocky	8	i686	pam-debugsource	< 1.3.1-33.el8	pam-debugsource-0:1.3.1-33.el8.i686.rpm
rocky	8	x86_64	pam-debugsource	< 1.3.1-33.el8	pam-debugsource-0:1.3.1-33.el8.x86_64.rpm
rocky	8	aarch64	pam-devel	< 1.3.1-33.el8	pam-devel-0:1.3.1-33.el8.aarch64.rpm