Vulnerabilities

CVE-2011-3149

by Fred · 22/07/2012

The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).

Date published : 2012-07-22

http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444

https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565

Similar

Tags: Cybersecurity Alert