CVE-2024-10041
Publication date 23 October 2024
Last updated 19 November 2024
Ubuntu priority
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| pam | 24.10 oracular |
Vulnerable, fix deferred
|
| 24.04 LTS noble |
Vulnerable, fix deferred
|
|
| 22.04 LTS jammy |
Vulnerable, fix deferred
|
|
| 20.04 LTS focal |
Vulnerable, fix deferred
|
|
| 18.04 LTS bionic |
Vulnerable, fix deferred
|
|
| 16.04 LTS xenial |
Vulnerable, fix deferred
|
|
| 14.04 LTS trusty |
Vulnerable, fix deferred
|
Notes
mdeslaur
The upstream bug for this issue, #846, indicates that the fix in pull 686, also listed below as the commit in 1.6.0, fixes this issue, but the CVE description is vague and it's difficult to determine if that is actually the right fix as of 2024-11-19. Deferring this CVE until more information is known.
Patch details
| Package | Patch details |
|---|---|
| pam |
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
4.7 · Medium
|
| Attack vector | Local |
| Attack complexity | High |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |