
CVE-2024-22365:
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked...

CVSS Score (v3.1): 5.5

Basic Information

EPSS Score: 0.24238%
CWE: -
Published: 2/6/2024
Updated: 2/14/2024
KEV Status: No
Technology: -

Technical Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vulnerability Intelligence
Root Cause Analysis

The commit 031bb5a5d0d950253b68138b498dc93be69a64cb directly addresses the vulnerability. The patch modifies the protect_dir function in modules/pam_namespace/pam_namespace.c. The core of the vulnerability lies in how protect_dir used openat. Before the patch, openat was called with flags = O_RDONLY. If the path pointed to a FIFO, openat would block. The patch changes flags to O_RDONLY | O_DIRECTORY, which causes openat to fail if the path is not a directory, thus preventing the blocking behavior and the DoS. The removed code block, which manually checked if the opened path was a directory using fstat and S_ISDIR, further confirms that protect_dir was the function handling the problematic logic.
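The difference between the two open patterns described above can be reproduced in a scratch directory containing one FIFO and one subdirectory. This is an added example, not code from linux-pam or from the commit: the function names open_dir_component, open_then_check and demo and the /tmp path are hypothetical, and O_NONBLOCK is added to the pre-patch pattern only so that the demonstration returns instead of blocking.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Patched pattern: O_DIRECTORY rejects a non-directory at lookup time. */
int open_dir_component(int dfd, const char *name)
{
    int fd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
    return fd < 0 ? -errno : fd;          /* fd on success, -errno on failure */
}

/* Pre-patch pattern: open first, check the type afterwards. O_NONBLOCK is a
 * demo-only addition; without it a writer-less FIFO open does not return. */
int open_then_check(int dfd, const char *name)
{
    struct stat st;
    int fd = openat(dfd, name, O_RDONLY | O_NONBLOCK);
    if (fd < 0) return -errno;
    int is_dir = fstat(fd, &st) == 0 && S_ISDIR(st.st_mode);
    close(fd);
    return is_dir;                        /* 1 = directory, 0 = something else */
}

int demo(int *fifo_patched, int *fifo_old, int *dir_patched)
{
    char tmpl[] = "/tmp/pamns-demo-XXXXXX";   /* constructed scratch path */
    int dfd = mkdtemp(tmpl) ? open(tmpl, O_RDONLY | O_DIRECTORY) : -1;
    if (dfd < 0) return -1;
    if (mkfifoat(dfd, "fifo", 0600) || mkdirat(dfd, "sub", 0700)) return -1;
    *fifo_patched = open_dir_component(dfd, "fifo");  /* -ENOTDIR, never opened */
    *fifo_old = open_then_check(dfd, "fifo");         /* 0: opened, then rejected */
    int fd = open_dir_component(dfd, "sub");
    *dir_patched = fd >= 0;
    if (fd >= 0) close(fd);
    unlinkat(dfd, "fifo", 0);
    unlinkat(dfd, "sub", AT_REMOVEDIR);
    close(dfd);
    return rmdir(tmpl);
}

int main(void)
{
    int a = 0, b = 0, c = 0, rc = demo(&a, &b, &c);
    printf("rc=%d fifo/patched=%d fifo/old=%d dir/patched=%d\n", rc, a, b, c);
    return rc != 0;
}
```

In the pre-patch pattern the S_ISDIR check runs only after the open has returned, which is why it could not prevent the block; with O_DIRECTORY the FIFO is rejected before it is ever opened.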
