ELSA-2024-2438

ULN >
Oracle Linux Errata repository >
ELSA-2024-2438

ELSA-2024-2438 - pam security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-03

Description

[1.3.1-19.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

[1.3.1-19]
- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS
situations. CVE-2024-22365. Resolves: RHEL-21244

[1.3.1-18]
- libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727
- pam_access: handle hostnames in access.conf. Resolves: RHEL-22300

[1.5.1-17]
- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943

[1.5.1-16]
- libpam: use close_range() to close file descriptors. Resolves: RHEL-5099
- fix formatting of audit messages. Resolves: RHEL-5100

Related CVEs

CVE-2024-22365

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	pam-1.5.1-19.0.1.el9.src.rpm	169f536dbec1c32d3db608add7bd921cd1ddb50663b4f9bfa32ab802168ac085	-	ol9_aarch64_appstream
	pam-1.5.1-19.0.1.el9.src.rpm	169f536dbec1c32d3db608add7bd921cd1ddb50663b4f9bfa32ab802168ac085	-	ol9_aarch64_baseos_latest
	pam-1.5.1-19.0.1.el9.src.rpm	169f536dbec1c32d3db608add7bd921cd1ddb50663b4f9bfa32ab802168ac085	-	ol9_aarch64_u4_baseos_base
	pam-1.5.1-19.0.1.el9.aarch64.rpm	564e78d9749437207e0aed65d82f5b5c3b7e50bcff418d4d0786df3ddd8324c2	-	ol9_aarch64_baseos_latest
	pam-1.5.1-19.0.1.el9.aarch64.rpm	564e78d9749437207e0aed65d82f5b5c3b7e50bcff418d4d0786df3ddd8324c2	-	ol9_aarch64_u4_baseos_base
	pam-devel-1.5.1-19.0.1.el9.aarch64.rpm	54c8288b8f9873b57726c62c8f7292fcd0806e35cf665f2714519db89e12604d	-	ol9_aarch64_appstream
	pam-docs-1.5.1-19.0.1.el9.aarch64.rpm	80e77861d05d41620e1ac640b814cc42e4fcc22353389b4031afa185c83cd4b9	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	pam-1.5.1-19.0.1.el9.src.rpm	169f536dbec1c32d3db608add7bd921cd1ddb50663b4f9bfa32ab802168ac085	-	ol9_x86_64_appstream
	pam-1.5.1-19.0.1.el9.src.rpm	169f536dbec1c32d3db608add7bd921cd1ddb50663b4f9bfa32ab802168ac085	-	ol9_x86_64_baseos_latest
	pam-1.5.1-19.0.1.el9.src.rpm	169f536dbec1c32d3db608add7bd921cd1ddb50663b4f9bfa32ab802168ac085	-	ol9_x86_64_u4_baseos_base
	pam-1.5.1-19.0.1.el9.i686.rpm	c52dc041e2effcbb90fa74fce9923202cd84b99be809f3f38881883a43073b24	-	ol9_x86_64_baseos_latest
	pam-1.5.1-19.0.1.el9.i686.rpm	c52dc041e2effcbb90fa74fce9923202cd84b99be809f3f38881883a43073b24	-	ol9_x86_64_u4_baseos_base
	pam-1.5.1-19.0.1.el9.x86_64.rpm	58ca20fe747b21d21674944fc9b1fc60dff6cf4af2844e6dcaa279850e8678c1	-	ol9_x86_64_baseos_latest
	pam-1.5.1-19.0.1.el9.x86_64.rpm	58ca20fe747b21d21674944fc9b1fc60dff6cf4af2844e6dcaa279850e8678c1	-	ol9_x86_64_u4_baseos_base
	pam-devel-1.5.1-19.0.1.el9.i686.rpm	a642eee7c44647be725a96bf1a347e725aacc14eb49f33949a34927091ab0de3	-	ol9_x86_64_appstream
	pam-devel-1.5.1-19.0.1.el9.x86_64.rpm	1a08ec661641309b63610c8b4e4b3b73d4141de295e1b5ed2450f53393b3f75c	-	ol9_x86_64_appstream
	pam-docs-1.5.1-19.0.1.el9.x86_64.rpm	3894f4dd64148594b10f579946c393bad1e1124bbf7a9edf78e4cb7d2426d299	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691