[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Linux-PAM 1.2.1 released


Due to a security problem found in Linux-PAM, we released a
new version today: 1.2.1

The only change compared with 1.2.0 is the security fix for CVE-2015-3238:

 If the process executing pam_sm_authenticate or pam_sm_chauthtok method
 of pam_unix is not privileged enough to check the password, e.g.
 if selinux is enabled, the _unix_run_helper_binary function is called.
 When a long enough password is supplied (16 pages or more, i.e. 65536+
 bytes on a system with 4K pages), this helper function hangs
 indefinitely, blocked in the write(2) call while writing to a blocking
 pipe that has a limited capacity.
 With this fix, the verifiable password length will be limited to
 PAM_MAX_RESP_SIZE bytes (i.e. 512 bytes) for pam_exec and pam_unix.

We would like to thank Sebastien Macke of Trustwave SpiderLabs for
the original bug report and Red Hat security response team for
forwarding this issue.

Thorsten Kukuk, Senior Architect SLES & Common Code Base
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
GF: Felix Imend├Ârffer, Jane Smithard, Dilip Upmanyu, Graham Norton, HRB 21284 (AG N├╝rnberg)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]