CVE-2024-22365: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
CVE-2024-10041: Secret information is stored in memory, and an attacker can trigger the victim program to execute by sending characters to its standard input (stdin). While this occurs, the attacker can train the branch predictor to speculatively execute a ROP chain. This flaw could leak passwords, such as those found in /etc/shadow, while authentications are performed. (NOTE: SELinux in enforcing mode can mitigate the issue.)
CVE-2024-10963: A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control.
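For CVE-2024-22365, the effect of the missing flag can be checked directly on a Linux system. The following is an added illustration, not linux-pam source: the helper names and the scratch path under /tmp are assumptions, and O_NONBLOCK is used only so the unguarded open returns instead of waiting for a writer.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

struct probe { int fifo_plain, fifo_strict, dir_strict; };

/* Open one path component relative to dirfd; 0 on success, -errno on failure. */
static int try_open(int dirfd, const char *name, int extra)
{
    int fd = openat(dirfd, name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC | extra);
    if (fd < 0) return -errno;
    close(fd);
    return 0;
}

/* Build a constructed scratch tree (one FIFO, one real directory) and probe it. */
int run_probe(struct probe *p)
{
    char tmpl[] = "/tmp/odir-demo-XXXXXX";   /* constructed sample location */
    if (!mkdtemp(tmpl)) return -1;
    int base = open(tmpl, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (base < 0) { rmdir(tmpl); return -1; }
    int rc = (mkfifoat(base, "fifo", 0600) || mkdirat(base, "sub", 0700)) ? -1 : 0;
    if (rc == 0) {
        /* Without O_DIRECTORY the kernel accepts the FIFO. A plain O_RDONLY
         * open (no O_NONBLOCK) would sit here until a writer appears. */
        p->fifo_plain  = try_open(base, "fifo", O_NONBLOCK);
        /* With O_DIRECTORY the lookup fails with ENOTDIR before any FIFO wait. */
        p->fifo_strict = try_open(base, "fifo", O_DIRECTORY);
        p->dir_strict  = try_open(base, "sub",  O_DIRECTORY);
    }
    unlinkat(base, "fifo", 0);
    unlinkat(base, "sub", AT_REMOVEDIR);
    close(base);
    rmdir(tmpl);
    return rc;
}

int main(void)
{
    struct probe p;
    if (run_probe(&p) != 0) return 1;
    printf("fifo plain=%d fifo strict=%d dir strict=%d\n", p.fifo_plain, p.fifo_strict, p.dir_strict);
    return 0;
}
```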
Name: pam
CVEs: CVE-2024-22365, CVE-2024-10041, CVE-2024-10963
CVSSs: 5.5, 4.7, 7.4
Action Needed: update to >= 1.7.0 ?
Summary:
refmap.gentoo: