CVE-2024-10041 — Insecure Storage of Sensitive Information in PAM

CWE-922 — Insecure Storage of Sensitive Information6 documents6 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 87.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PAM Debian PAM Msrc Azl3 PAM 1.5.3-4 ON Azure Linux 3.0 +1 more

Timeline

PublishedOct 23

Description

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/pam< pam 1.7.0-2 (forky)

▶Debianpam/pam< 1.7.0-2+1

▶msrcmsrc/azl3_pam_1.5.3-4_on_azure_linux_3.0

▶msrcmsrc/cbl2_pam_1.5.1-7_on_cbl_mariner_2.0

🔴Vulnerability Details

OSV

CVE-2024-10041: A vulnerability was found in PAM↗2024-10-23

▶

GHSA

GHSA-7gm5-m2xc-vh2j: A vulnerability was found in PAM↗2024-10-23

▶

📋Vendor Advisories

Red Hat

pam: libpam: Libpam vulnerable to read hashed password↗2024-10-18

▶

Microsoft

Pam: libpam: libpam vulnerable to read hashed password↗2024-10-08

▶

Debian

CVE-2024-10041: pam - A vulnerability was found in PAM. The secret information is stored in memory, wh...↗2024

▶