Release Info

Advisory: CLSA-2025:1749825017

OS: CloudLinux 7 ELS

Public date: 2025-06-13 14:30:19

Project: pam

Version: 1.1.8-23.0.1.el7.tuxcare.els1

Errata link: https://errata.cloudlinux.com/cloudlinux7els/CLSA-2025-1749825017.html

Changelog

- CVE-2024-10041: fix possibility of leakage of secret information stored in memory - CVE-2024-22365: fix potential DoS via mkfifo because the openat call lacks O_DIRECTORY

Update

Update command: yum update pam*

Packages list

pam-1.1.8-23.0.1.el7.tuxcare.els1.i686.rpm pam-1.1.8-23.0.1.el7.tuxcare.els1.x86_64.rpm pam-devel-1.1.8-23.0.1.el7.tuxcare.els1.i686.rpm pam-devel-1.1.8-23.0.1.el7.tuxcare.els1.x86_64.rpm

CVEs

CVE-2024-10041
CVE-2024-22365