Environment Variable Overflow in Linux-PAM Affects Local User Security
CVE-2011-3149

Currently unrated

Key Information:

Vendor

Linux-pam

Status
Linux-pam
Vendor
CVE Published:
22 July 2012

What is CVE-2011-3149?

The _expand_arg function in the pam_env module of Linux-PAM prior to version 1.1.5 contains a flaw that can allow local users to exploit the environment variable expansion process. This vulnerability enables attackers to generate excessive CPU consumption, leading to a Denial of Service condition. Ensuring up-to-date configurations is critical to mitigating this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://security.gentoo.org/glsa/glsa-201206-31.xml
vendor-advisoryx_refsource_GENTOO
http://www.ubuntu.com/usn/USN-1237-1
vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/46583
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.