Release Info

Advisory: CLSA-2025:1749571114

OS: Oracle Linux 7 ELS

Public date: 2025-06-10 15:58:36

Project: pam

Version: 1.1.8-23.0.1.el7.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/oraclelinux7els/CLSA-2025-1749571114.html

Changelog

- CVE-2024-10041: fix possibility of leakage of secret information stored in memory - CVE-2024-22365: fix potential DoS via mkfifo because the openat call lacks O_DIRECTORY

Update

Update command: yum update pam*

Packages list

pam-1.1.8-23.0.1.el7.tuxcare.els1.i686.rpm pam-1.1.8-23.0.1.el7.tuxcare.els1.x86_64.rpm pam-devel-1.1.8-23.0.1.el7.tuxcare.els1.i686.rpm pam-devel-1.1.8-23.0.1.el7.tuxcare.els1.x86_64.rpm

CVEs

CVE-2024-22365
CVE-2024-10041