Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-25327

Опубликовано: 25 фев. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.5

Описание

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the system. We recommend upgrading to version 0.3.3 or above

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

not-affected

0.3.3-1
esm-apps/bionic

needed

esm-apps/focal

needed

esm-apps/jammy

not-affected

0.3.3-1
esm-apps/noble

not-affected

0.3.3-1
focal

ignored

end of standard support, was needed
impish

ignored

end of life
jammy

not-affected

0.3.3-1
kinetic

not-affected

0.3.3-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 1%
0.00011
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-25327

CVSS3: 5.5
nvd
почти 4 года назад

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the system. We recommend upgrading to version 0.3.3 or above

debian логотип

CVE-2022-25327

CVSS3: 5.5
debian
почти 4 года назад

The PAM module for fscrypt doesn't adequately validate fscrypt metadat ...

github логотип

GHSA-8vwm-8vj8-rqjf

CVSS3: 5.5
github
почти 4 года назад

User login denial of service in github.com/google/fscrypt

EPSS

Процентиль: 1%
0.00011
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Уязвимость CVE-2022-25327