CVE-2011-3148Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux-pam

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-121Stack-based Buffer Overflow8 documents7 sources
Severity
4.6MEDIUMNVD
EPSS
0.2%
top 63.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
PAMDebian PAMLinux-pam
Timeline
PublishedJul 22
Latest updateMay 14

Description

Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

NVDlinux-pam/linux-pam1.1.4+25
debiandebian/pam< pam 1.1.3-5 (bookworm)
Debianpam/pam< 1.1.3-5+3

🔴Vulnerability Details

2
GHSA
GHSA-gh7c-55pq-pm8c: Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env2022-05-14
OSV
CVE-2011-3148: Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env2012-07-22

📋Vendor Advisories

3
Red Hat
(pam_env): Stack-based buffer overflow by parsing user's pam_environment file2011-10-24
Ubuntu
PAM vulnerabilities2011-10-24
Debian
CVE-2011-3148: pam - Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pa...2011

💬Community

2
Bugzilla
CVE-2011-3148 pam (pam_env): Stack-based buffer overflow by parsing user's pam_environment file [fedora-all]2011-12-14
Bugzilla
CVE-2011-3148 pam (pam_env): Stack-based buffer overflow by parsing user's pam_environment file2011-10-17
CVE-2011-3148 — Linux-pam vulnerability | cvebase