Control: tags -1 + fixed-upstream Hi,
On Fri, Oct 25, 2024 at 02:59:24PM +0200, Moritz Mühlenhoff wrote: > Source: pam > X-Debbugs-CC: t...@security.debian.org > Severity: normal > Tags: security > > Hi, > > The following vulnerability was published for pam. > > CVE-2024-10041[0]: > | A vulnerability was found in PAM. The secret information is stored > | in memory, where the attacker can trigger the victim program to > | execute by sending characters to its standard input (stdin). As this > | occurs, the attacker can train the branch predictor to execute an > | ROP chain speculatively. This flaw could result in leaked passwords, > | such as those found in /etc/shadow while performing authentications. > > This appeared via Red Hat bugzilla and the currently only public > reference is https://bugzilla.redhat.com/show_bug.cgi?id=2319212 > > To me it sounds rather like hardening than an actual security > vulnerability, but it's hard to tell with the information available > so far. For reference, upstream commented on the question in https://github.com/linux-pam/linux-pam/issues/846, quoting: | My understanding of the matter is that, starting with #686 | (which was merged before Linux-PAM v1.6.0), Linux-PAM is not affected. So this should be covered by https://github.com/linux-pam/linux-pam/pull/686 . Regards, Salvatore
