Bug 1652593 (CVE-2018-17953) - CVE-2018-17953 pam: pam_access.so doesn't properly handle ip addresses and subnets filtering
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2018-17953
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1652594
Blocks: 1652595
Reported: 2018-11-22 12:59 UTC by Pedro Sampaio
Modified: 2019-09-29 15:03 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2018-12-10 09:22:29 UTC
Embargoed:



Description Pedro Sampaio 2018-11-22 12:59:07 UTC
A flaw was found in Linux-PAM. Improper handling of IP and netmask values permits bypass of access controls by applications that use PAM for authorization/authentication, such as sshd.

References:

https://bugzilla.novell.com/show_bug.cgi?id=1115640

Comment 1 Pedro Sampaio 2018-11-22 12:59:32 UTC
Created pam tracking bugs for this issue:

Affects: fedora-all [bug 1652594]

Comment 2 Tomas Mraz 2018-11-22 14:06:58 UTC
AFAIK this is a SUSE-only downstream bug.

Comment 3 Huzaifa S. Sidhpurwala 2018-12-10 09:22:29 UTC
Based on information posted on the SUSE Linux bug, this bug does not affect versions of PAM shipped with Red Hat Enterprise Linux and Fedora.

Comment 4 Huzaifa S. Sidhpurwala 2018-12-10 09:24:01 UTC
Based on information posted on the SUSE Linux bug, this bug does not affect versions of PAM shipped with Red Hat Enterprise Linux and Fedora.

