CVE-2024-10963: pam_access Improper Hostname Interpretation Leads to Access Control Bypass

Bug 2324291 (CVE-2024-10963) - CVE-2024-10963 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass Key Information: Bug ID: 2324291 CVE IDs: CVE-2024-10963, CVE-2024-10963 Product: Security Response Component: vulnerability Version: unspecified Severity: high Status: NEW Reported: 2024-11-07 07:42 UTC by OSIDB Bzimport Modified: 2024-11-09 13:46 UTC Assignee: Product Security DevOps Team Description: - A problem was found in pam_access where certain rules in its configuration file are mistakenly treated as hostnames. This means attackers could trick the system by pretending to be a trusted hostname, gaining unauthorized access. It's a risk for systems that rely on this feature to control who can access specific services or terminals. Environment: Linux Priority: high Target Milestone: --- Depends On: 2324299, 2324300 Blocks: depends on / blocked Vulnerability Details: Impact: Unauthorized users can bypass access restrictions by spoofing hostnames. Description: pam_access improperly interprets local access.conf rules to match remote hostnames, compromising configurations intended to restrict local access only. Risk: Significant risk to secure environments. Additional Information: Attachments: Available for review. Notes: Requires login to comment or make changes. This bug is related to a security vulnerability in the pam_access component of the Security Response product, affecting all Linux deployments using this configuration method.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-10963: pam_access Improper Hostname Interpretation Leads to Access Control Bypass