Oval Definition: oval:com.redhat.rhsa:def:20151640
Revision Date: 2015-08-18
Version: 636
Title: RHSA-2015:1640: pam security update (Moderate)
Description: Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication.

  • It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system. (CVE-2015-3238)

    Red Hat would like to thank Sebastien Macke of Trustwave SpiderLabs for reporting this issue.

    All pam users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
  • Family: unix
    Class: patch
    Status:
    Reference(s): CVE-2015-3238
    RHSA-2015:1640
    RHSA-2015:1640-00
    RHSA-2015:1640-01
    Platform(s): Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • pam is earlier than 0:1.1.1-20.el6_7.1
  • AND pam is signed with Red Hat redhatrelease2 key
  • pam-devel is earlier than 0:1.1.1-20.el6_7.1
  • AND pam-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • pam is earlier than 0:1.1.8-12.el7_1.1
  • AND pam is signed with Red Hat redhatrelease2 key
  • pam-devel is earlier than 0:1.1.8-12.el7_1.1
  • AND pam-devel is signed with Red Hat redhatrelease2 key
  • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • AND
  • pam is earlier than 0:1.1.1-20.el6_7.1
  • AND pam is signed with Red Hat redhatrelease2 key
  • pam-devel is earlier than 0:1.1.1-20.el6_7.1
  • AND pam-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND
  • pam is earlier than 0:1.1.8-12.el7_1.1
  • AND pam is signed with Red Hat redhatrelease2 key
  • pam-devel is earlier than 0:1.1.8-12.el7_1.1
  • AND pam-devel is signed with Red Hat redhatrelease2 key