SB2024100507 - Privilege escalation in Authd PAM module
Published: October 5, 2024
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper Authentication (CVE-ID: CVE-2024-9313)
The vulnerability allows a remote user to impersonate other users.
The vulnerability exists due to an error in the authd PAM module that can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation as that user, including authenticating as them. A remote user can exploit this through tools such as su, sudo or ssh (and potentially others) that, so far, do not verify that the PAM user at the end of the transaction matches the one who initiated it.
Remediation
Install the update from the vendor's website.