Multiple vulnerabilities in git.kernel linux-pam
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2011-3148 CVE-2011-3149 |
| CWE-ID | CWE-121 CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
linux-pam Other software / Other software solutions |
| Vendor | git.kernel.org |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Stack-based buffer overflow
EUVDB-ID: #VU43802
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3148
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the _assemble_line() function in modules/pam_env/pam_env.c when processing a long string of white spaces at the beginning of the ~/.pam_environment file. A local user can trigger a stack-based buffer overflow and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionslinux-pam: 0.99.1.0 - 1.1.4
External linkshttp://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d
http://secunia.com/advisories/46583
http://secunia.com/advisories/49711
http://security.gentoo.org/glsa/glsa-201206-31.xml
http://www.ubuntu.com/usn/USN-1237-1
http://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU43803
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3149
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform service disruption.
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
MitigationInstall update from vendor's website.
Vulnerable software versionslinux-pam: 0.99.1.0 - 1.1.4
External linkshttp://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444
http://secunia.com/advisories/46583
http://secunia.com/advisories/49711
http://security.gentoo.org/glsa/glsa-201206-31.xml
http://www.ubuntu.com/usn/USN-1237-1
http://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
