Описание
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.1.3-2ubuntu2.1 |
| hardy | released | 0.99.7.1-5ubuntu6.5 |
| lucid | released | 1.1.1-2ubuntu5.4 |
| maverick | released | 1.1.1-4ubuntu2.4 |
| natty | released | 1.1.2-2ubuntu8.4 |
| oneiric | released | 1.1.3-2ubuntu2.1 |
| upstream | needs-triage |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
The _expand_arg function in the pam_env module (modules/pam_env/pam_en ...
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
ELSA-2013-0521: pam security, bug fix, and enhancement update (MODERATE)
EPSS
2.1 Low
CVSS2