Release Info

Advisory: CLSA-2025:1749571728

OS: CentOS 7 ELS

Public date: 2025-06-10 16:08:50

Project: pam

Version: 1.1.8-23.0.1.el7.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/centos7els/CLSA-2025-1749571728.html

Changelog

- CVE-2024-10041: fix possibility of leakage of secret information stored in memory - CVE-2024-22365: fix potential DoS via mkfifo because the openat call lacks O_DIRECTORY

Update

Update command: yum update pam*

Packages list

pam-1.1.8-23.0.1.el7.tuxcare.els1.i686.rpm pam-1.1.8-23.0.1.el7.tuxcare.els1.x86_64.rpm pam-devel-1.1.8-23.0.1.el7.tuxcare.els1.i686.rpm pam-devel-1.1.8-23.0.1.el7.tuxcare.els1.x86_64.rpm

CVEs

CVE-2024-10041
CVE-2024-22365