Stack-based Buffer Overflow in Linux-PAM by Linux
CVE-2011-3148

Currently unrated

Key Information:

Vendor

Linux-pam

Status
Linux-pam
Vendor
CVE Published:
22 July 2012

What is CVE-2011-3148?

The vulnerability in Linux-PAM arises from a stack-based buffer overflow in the _assemble_line function within the modules/pam_env/pam_env.c file. Local users can exploit this vulnerability by manipulating the ~/.pam_environment file with a lengthy string of white spaces, leading to a denial of service which may potentially allow the execution of arbitrary code. This issue affects Linux-PAM versions prior to 1.1.5 and poses a significant risk to systems utilizing this authentication module.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469
x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-201206-31.xml
vendor-advisoryx_refsource_GENTOO
http://www.ubuntu.com/usn/USN-1237-1
vendor-advisoryx_refsource_UBUNTU

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.