Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat Enterprise Linux (RHEL) 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privileges via crafted use of an application that relies on this module, as demonstrated by su and sudo.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat Enterprise Linux任意代码执行漏洞
Vulnerability Description
Red Hat Enterprise Linux是美国红帽(Red Hat)公司的面向企业用户的Linux操作系统 Red Hat Enterprise Linux (RHEL) 6 和Fedora Rawhide上的某Red Hat构建版本的pam_ssh_agent_auth模块中存在漏洞,该漏洞源于程序在OpenSSH代码库中没有调用错误函数而调用了glibc错误函数。通过使用依赖此模块特制的应用程序(如su和sudo),本地攻击者利用该漏洞从进程内存中获得敏感信息或可能获得特权。
CVSS Information
N/A
Vulnerability Type
N/A