Описание
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
Ссылки
- ExploitMailing ListPatchRelease Notes
- Product
- Patch
- Release Notes
- ExploitMailing ListPatchRelease Notes
- Product
- Patch
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.0 (исключая)
cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00086
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-664
Связанные уязвимости
CVSS3: 5.5
ubuntu
почти 2 года назад
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
CVSS3: 5.5
redhat
почти 2 года назад
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
CVSS3: 5.5
debian
почти 2 года назад
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a den ...
EPSS
Процентиль: 25%
0.00086
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-664