ELSA-2024-2438

ULN >
Oracle Linux Errata repository >
ELSA-2024-2438

ELSA-2024-2438 - pam security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-05-03

Description

[1.3.1-19.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

[1.3.1-19]
- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS
situations. CVE-2024-22365. Resolves: RHEL-21244

[1.3.1-18]
- libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727
- pam_access: handle hostnames in access.conf. Resolves: RHEL-22300

[1.5.1-17]
- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943

[1.5.1-16]
- libpam: use close_range() to close file descriptors. Resolves: RHEL-5099
- fix formatting of audit messages. Resolves: RHEL-5100

Related CVEs

CVE-2024-22365

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	pam-1.5.1-19.0.1.el9.src.rpm	e4d2879a93625903bd8534b5b5c3ff2c	-	ol9_aarch64_appstream
	pam-1.5.1-19.0.1.el9.src.rpm	e4d2879a93625903bd8534b5b5c3ff2c	-	ol9_aarch64_baseos_latest
	pam-1.5.1-19.0.1.el9.src.rpm	e4d2879a93625903bd8534b5b5c3ff2c	-	ol9_aarch64_u4_baseos_base
	pam-1.5.1-19.0.1.el9.aarch64.rpm	78cb65568535e21fdf64fdea7aca1dc9	-	ol9_aarch64_baseos_latest
	pam-1.5.1-19.0.1.el9.aarch64.rpm	78cb65568535e21fdf64fdea7aca1dc9	-	ol9_aarch64_u4_baseos_base
	pam-devel-1.5.1-19.0.1.el9.aarch64.rpm	e0679b18e820ceb8e7c1365b18ae8a10	-	ol9_aarch64_appstream
	pam-docs-1.5.1-19.0.1.el9.aarch64.rpm	8a8ad74059d86d3f8038c4d648c67713	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	pam-1.5.1-19.0.1.el9.src.rpm	e4d2879a93625903bd8534b5b5c3ff2c	-	ol9_x86_64_appstream
	pam-1.5.1-19.0.1.el9.src.rpm	e4d2879a93625903bd8534b5b5c3ff2c	-	ol9_x86_64_baseos_latest
	pam-1.5.1-19.0.1.el9.src.rpm	e4d2879a93625903bd8534b5b5c3ff2c	-	ol9_x86_64_u4_baseos_base
	pam-1.5.1-19.0.1.el9.i686.rpm	b2a27e6d9f2920eabe2fd83b1d7448ad	-	ol9_x86_64_baseos_latest
	pam-1.5.1-19.0.1.el9.i686.rpm	b2a27e6d9f2920eabe2fd83b1d7448ad	-	ol9_x86_64_u4_baseos_base
	pam-1.5.1-19.0.1.el9.x86_64.rpm	cad5a8bd6340595a90011916e59eb96f	-	ol9_x86_64_baseos_latest
	pam-1.5.1-19.0.1.el9.x86_64.rpm	cad5a8bd6340595a90011916e59eb96f	-	ol9_x86_64_u4_baseos_base
	pam-devel-1.5.1-19.0.1.el9.i686.rpm	3dbe4f42071eec712d4e54deff260e58	-	ol9_x86_64_appstream
	pam-devel-1.5.1-19.0.1.el9.x86_64.rpm	848ad603d5c1bac5ac412af86f45e1c5	-	ol9_x86_64_appstream
	pam-docs-1.5.1-19.0.1.el9.x86_64.rpm	817a33d45b73231bcc7683305d5fbd95	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691