Ubuntu update for pam



Published: 2023-01-25
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-28321
CWE-ID CWE-863
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Ubuntu
Operating systems & Components / Operating system

libpam-modules (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Incorrect authorization

EUVDB-ID: #VU71525

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-28321

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authorization process.

The vulnerability exists due to an error within the pam_access.so module in Linux-PAM package, which does not correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS.  A remote attacker can bypass authorization process and login to the system via SSH from IP addresses that were not allowed to connect from.

Mitigation

Update the affected package pam to the latest version.

Vulnerable software versions

Ubuntu: 22.10, 22.04, 20.04, 18.04, 16.04, 14.04

libpam-modules (Ubuntu package): before Ubuntu Pro (Infra-only)


CPE2.3 External links

http://ubuntu.com/security/notices/USN-5825-1

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###