Bug 746620 - (CVE-2011-3149) CVE-2011-3149 pam (pam_env): Infinite loop by expanding certain arguments
CVE-2011-3149 pam (pam_env): Infinite loop by expanding certain arguments
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 748817 865990
Blocks: 746631 855229
  Show dependency treegraph
Reported: 2011-10-17 06:06 EDT by Jan Lieskovsky
Modified: 2016-03-04 07:20 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-02-21 23:34:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2011-10-17 06:06:56 EDT
An infinite loop flaw was found in the way the pam_env module of PAM (Pluggable Authentication Modules) security tool expanded certain environment variables, when both pam_env module and reading of the user specific environment file were enabled. A local attacker could use this flaw to cause the pam_env module check to enter the infinite loop and spam system log file of the particular host.
Comment 1 Jan Lieskovsky 2011-10-17 06:17:05 EDT

Red Hat would like to thank Kees Cook of Google ChromeOS Team for reporting
this issue.
Comment 8 Huzaifa S. Sidhpurwala 2011-10-18 01:17:01 EDT
Reading of user-supplied environment files is disabled by default in the pam package versions, as shipped with various releases of Red Hat Enterprise Linux and Fedora, more information at:

Comment 12 Huzaifa S. Sidhpurwala 2011-10-19 06:53:53 EDT
This issue does not affect the version of the pam package, as shipped with
Red Hat Enterprise Linux 4 and 5, because they do not support reading user specific environment file via ~/.pam_environment

This issue affects the version of the pam package, as shipped with Red Hat
Enterprise Linux 6.

This issue affects the version of pam package, as shipped with Fedora 14 and 15.
Comment 13 Huzaifa S. Sidhpurwala 2011-10-21 00:48:06 EDT

This issue did not affect the versions of pam package as shipped with Red Hat Enterprise Linux 4 and 5.
Comment 15 Jan Lieskovsky 2011-10-25 09:03:36 EDT
Created pam tracking bugs for this issue

Affects: fedora-all [bug 748817]
Comment 17 errata-xmlrpc 2013-02-21 05:36:40 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:0521 https://rhn.redhat.com/errata/RHSA-2013-0521.html

Note You need to log in before you can comment on or make changes to this bug.