Updated: 2023-11-04 20:45:12.375642
Description:
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | CRITICAL | 9.8 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
Ubuntu 16.04 ELS | pam | 1.1.8-3.2 | 9.8 | CRITICAL | Released | CLSA-2023:1675111190 | 2023-01-30 16:03:21 |
Ubuntu 18.04 ELS | pam | 1.1.8-3.6 | 9.8 | CRITICAL | Already Fixed | 2023-11-06 08:34:50 |