Red Hat Bugzilla – Bug 746620
CVE-2011-3149 pam (pam_env): Infinite loop by expanding certain arguments
Last modified: 2016-03-04 07:20:27 EST
An infinite loop flaw was found in the way the pam_env module of PAM (Pluggable Authentication Modules) security tool expanded certain environment variables, when both pam_env module and reading of the user specific environment file were enabled. A local attacker could use this flaw to cause the pam_env module check to enter the infinite loop and spam system log file of the particular host.
Red Hat would like to thank Kees Cook of Google ChromeOS Team for reporting
Reading of user-supplied environment files is disabled by default in the pam package versions, as shipped with various releases of Red Hat Enterprise Linux and Fedora, more information at:
This issue does not affect the version of the pam package, as shipped with
Red Hat Enterprise Linux 4 and 5, because they do not support reading user specific environment file via ~/.pam_environment
This issue affects the version of the pam package, as shipped with Red Hat
Enterprise Linux 6.
This issue affects the version of pam package, as shipped with Fedora 14 and 15.
This issue did not affect the versions of pam package as shipped with Red Hat Enterprise Linux 4 and 5.
Relevant upstream patch:
Created pam tracking bugs for this issue
Affects: fedora-all [bug 748817]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0521 https://rhn.redhat.com/errata/RHSA-2013-0521.html