CVE-2024-10963
Published: November 8, 2024Last modified: June 5, 2025
Description
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.4 |
| Attack Vector | NETWORK |
| Attack complexity | HIGH |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | NONE |
| Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Notes
https://github.com/linux-pam/linux-pam/issues/834 Considered a minor problem (using untrustworthy DNS setup for authentication). Introduced in 1.5.3 and so 23-lts (with 1.5.2) is not affected. PR for the rework that fixes the issue (and another minor problem): https://github.com/linux-pam/linux-pam/pull/854
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | Stream | linux-pam | Vulnerable (1.5.3-r3) |
References
- https://access.redhat.com/errata/RHSA-2024:10232
- https://access.redhat.com/errata/RHSA-2024:10244
- https://access.redhat.com/errata/RHSA-2024:10379
- https://access.redhat.com/errata/RHSA-2024:10518
- https://access.redhat.com/errata/RHSA-2024:10528
- https://access.redhat.com/errata/RHSA-2024:10852
- https://access.redhat.com/security/cve/CVE-2024-10963
- https://bugzilla.redhat.com/show_bug.cgi?id=2324291