Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kernel Linux-PAM pam_xauth模块pam_xauth.c程序任意文件删除漏洞
Vulnerability Description
Linux-PAM(又名PAM)是一种用于Linux平台中的认证机制,它通过提供一些动态链接库和一套统一的API,使系统管理员可以自由选择应用程序使用的验证机制。 Linux-PAM(又名pam)1.1.2及之前版本的pam_xauth模块的pam_xauth.c文件中的pam_sm_close_session函数没有正确处理故障,以确认某一目标的uid。本地用户可以通过执行依赖pam_xauth PAM检查的程序删除意外的文件。
CVSS Information
N/A
Vulnerability Type
N/A