#VU43802 Stack-based buffer overflow in linux-pam


Published: 2012-07-22 | Updated: 2023-05-09

Vulnerability identifier: #VU43802

Vulnerability risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2011-3148

CWE-ID: CWE-121

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
linux-pam
Other software / Other software solutions

Vendor: git.kernel.org

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the _assemble_line() function in modules/pam_env/pam_env.c when processing a long string of white spaces at the beginning of the ~/.pam_environment file. A local user can trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

linux-pam: 0.99.1.0 - 1.1.4

External links
http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d
http://secunia.com/advisories/46583
http://secunia.com/advisories/49711
http://security.gentoo.org/glsa/glsa-201206-31.xml
http://www.ubuntu.com/usn/USN-1237-1
http://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for pam
Multiple vulnerabilities in git.kernel linux-pam
Gentoo update for Linux-PAM
SUSE Linux update for pam
SUSE Linux update for pam
SUSE Linux update for pam