
pam: denial of service

Package(s): pam CVE #(s): CVE-2015-3238
Created: July 1, 2015 Updated: July 6, 2015
Description: From the Red Hat bugzilla:

From the original report:
"If SELinux is enabled, the _unix_run_helper_binary function in Linux-PAM 1.1.8 and earlier hangs indefinitely when verifying a password of 65536 characters, which allows attackers to conduct username enumeration and denial of service attacks.

When supplying a password of 65536 characters or more, the process will block on the write(2) call at modules/pam_unix/support.c:614 because it tries to write strlen(passwd)+1 bytes to a blocking pipe and a pipe has a limited capacity of 65536 bytes on Linux."
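The mechanism described in the report can be reproduced in isolation. The C program below is an added example, not code from Linux-PAM or from the original report: it writes filler into a pipe that nothing reads, which is the same situation as the helper-process pipe in the report, but with the write end switched to O_NONBLOCK so the kernel returns a short count where a blocking write(2) would sleep forever. Alongside it is the kind of guard that prevents the hang, a length check run before anything is handed to a helper. The cap of 512 bytes (MAX_PASSWD_LEN) is an assumed value chosen for illustration, not Linux-PAM's own limit, and the 65536-character password it tests against is constructed in the program.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Illustrative cap on how much of a password is ever sent to a helper.
 * This value is an assumption for the example, not Linux-PAM's own limit. */
#define MAX_PASSWD_LEN 512

/* Returns 1 if the password is short enough to hand to a helper, 0 otherwise.
 * strnlen stops scanning after MAX_PASSWD_LEN + 1 bytes, so even a
 * multi-megabyte input costs bounded work. */
int passwd_len_ok(const char *passwd)
{
    if (passwd == NULL)
        return 0;
    return strnlen(passwd, MAX_PASSWD_LEN + 1) <= MAX_PASSWD_LEN;
}

/* Builds a constructed 65536-character password (the size named in the
 * report) and reports whether the guard rejects it. */
int oversize_passwd_rejected(void)
{
    size_t n = 65536;
    char *big = malloc(n + 1);
    if (big == NULL)
        return 0;
    memset(big, 'A', n);
    big[n] = '\0';
    int rejected = !passwd_len_ok(big);
    free(big);
    return rejected;
}

/* Writes `len` bytes of filler into a fresh pipe that nothing ever reads.
 * On a blocking descriptor this is the situation from the report: once the
 * pipe buffer is full, write(2) sleeps until a reader drains it, and with
 * no reader it never returns. With O_NONBLOCK on the write end the kernel
 * returns a short count (or EAGAIN) instead, so the function can report how
 * many bytes the pipe actually absorbed.
 * Returns bytes accepted, 0 if none fit, or -1 on setup failure. */
ssize_t probe_pipe_write(size_t len)
{
    int fds[2];
    if (pipe(fds) != 0)
        return -1;

    int flags = fcntl(fds[1], F_GETFL);
    if (flags < 0 || fcntl(fds[1], F_SETFL, flags | O_NONBLOCK) < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }

    char *buf = malloc(len);
    if (buf == NULL) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    memset(buf, 'A', len);

    ssize_t n = write(fds[1], buf, len);
    if (n < 0 && errno == EAGAIN)
        n = 0;

    free(buf);
    close(fds[0]);
    close(fds[1]);
    return n;
}

/* Returns 1 if a write of `len` bytes is cut short by the pipe's capacity,
 * i.e. the point at which a blocking writer would have hung. */
int pipe_write_is_short(size_t len)
{
    ssize_t n = probe_pipe_write(len);
    return n > 0 && (size_t)n < len;
}

int main(void)
{
    size_t len = 2u << 20; /* 2 MiB: larger than any default pipe buffer */
    ssize_t n = probe_pipe_write(len);
    printf("pipe accepted %zd of %zu bytes before it would block\n", n, len);
    printf("65536-char password rejected by guard: %s\n",
           oversize_passwd_rejected() ? "yes" : "no");
    return 0;
}
```

On a default Linux system the probe reports 65536 accepted bytes, the pipe capacity quoted in the report; the exact figure depends on the kernel's page size and pipe configuration, which is why the guard, not the pipe size, is the thing to rely on. Detecting the unpatched behaviour in production looks like an authentication helper process stuck in write(2) on its pipe with no corresponding read, visible as a hung login without a failure record.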

Alerts:
Gentoo 201605-05 pam 2016-05-31
Ubuntu USN-2935-3 pam 2016-03-17
Ubuntu USN-2935-2 pam 2016-03-16
Ubuntu USN-2935-1 pam 2016-03-16
Scientific Linux SLSA-2015:1640-1 pam 2015-08-19
CentOS CESA-2015:1640 pam 2015-08-18
Oracle ELSA-2015-1640 pam 2015-08-18
Red Hat RHSA-2015:1640-01 pam 2015-08-18
Mageia MGASA-2015-0266 pam 2015-07-05
Fedora FEDORA-2015-10830 pam 2015-06-30
Fedora FEDORA-2015-10848 pam 2015-07-03



Copyright © 2025, Eklektix, Inc.