linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-02-06T00:00:00

Updated: 2024-08-01T22:43:34.704Z

Reserved: 2024-01-09T00:00:00

Link: CVE-2024-22365

cve-icon Vulnrichment

Updated: 2024-08-01T22:43:34.704Z

cve-icon NVD

Status : Modified

Published: 2024-02-06T08:15:52.203

Modified: 2024-11-21T08:56:07.760

Link: CVE-2024-22365

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-18T00:00:00Z

Links: CVE-2024-22365 - Bugzilla