Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kernel Linux-PAM pam_xauth模块pam_xauth.c文件拒绝服务漏洞
Vulnerability Description
Linux-PAM(又名PAM)是一种用于Linux平台中的认证机制,它通过提供一些动态链接库和一套统一的API,使系统管理员可以自由选择应用程序使用的验证机制。 Linux-PAM(又名pam)1.1.2及之前版本的pam_xauth模块的pam_xauth.c文件中的check_acl函数没有正确验证某个ACL文件是常规文件。本地用户可以借助特制文件导致拒绝服务(资源消耗)。
CVSS Information
N/A
Vulnerability Type
N/A