#VU43803 Buffer overflow in linux-pam


Published: 2012-07-22 | Updated: 2023-05-09

Vulnerability identifier: #VU43803

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2011-3149

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
linux-pam
Other software / Other software solutions

Vendor: git.kernel.org

Description

The vulnerability allows a local user to perform service disruption.

The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).

Mitigation
Install update from vendor's website.

Vulnerable software versions

linux-pam: 0.99.1.0 - 1.1.4

External links
http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444
http://secunia.com/advisories/46583
http://secunia.com/advisories/49711
http://security.gentoo.org/glsa/glsa-201206-31.xml
http://www.ubuntu.com/usn/USN-1237-1
http://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for pam
Multiple vulnerabilities in git.kernel linux-pam
Gentoo update for Linux-PAM
SUSE Linux update for pam
SUSE Linux update for pam
SUSE Linux update for pam