5.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-22365

GHSA ID

GHSA-pcmw-6hxc-hqmx

EPSS Score

0.24238%

CWE

Published

2/6/2024

Updated

2/14/2024

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-22365

CVE-2024-22365: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked...

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-22365

CVE-2024-22365:

5.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-22365

GHSA ID

GHSA-pcmw-6hxc-hqmx

EPSS Score

0.24238%

CWE

Published

2/6/2024

Updated

2/14/2024

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The commit 031bb5a5d0d950253b68138b498dc93be69a64cb directly addresses the vulnerability. The patch modifies the protect_dir function in modules/pam_namespace/pam_namespace.c. The core of the vulnerability lies in how protect_dir used openat. Before the patch, openat was called with flags = O_RDONLY. If the path pointed to a FIFO, openat would block. The patch changes flags to O_RDONLY | O_DIRECTORY, which causes openat to fail if the path is not a directory, thus preventing the blocking behavior and the DoS. The removed code block, which manually checked if the opened path was a directory using fstat and S_ISDIR, further confirms that protect_dir was the function handling the problematic logic.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-22365: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked...

CVE-2024-22365:

5.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

5.5

5.5

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

CVE-2024-22365: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked...

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI