Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: openpam

Found 1 matching suggestions

View:
Compact
Detailed
Permalink CVE-2024-10041
4.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year, 4 months ago
Pam: libpam: libpam vulnerable to read hashed password

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.

References

Affected products

pam
  • <1.6.0
  • *

Matching in nixpkgs

pkgs.pam

Pluggable Authentication Modules, a flexible mechanism for authenticating user

pkgs.ipam

Cli based IPAM written in Go with PowerDNS support

pkgs.opam

Package manager for OCaml

pkgs.paml

Phylogenetic Analysis by Maximum Likelihood (PAML)

pkgs.dspam

Community Driven Antispam Filter

pkgs.pamix

Pulseaudio terminal mixer

  • nixos-unstable 1.6
    • nixpkgs-unstable 1.6
    • nixos-unstable-small 1.6

pkgs.openpam

Open source PAM library that focuses on simplicity, correctness, and cleanliness

pkgs.pam_p11

Authentication with PKCS#11 modules

pkgs.pam_u2f

PAM module for allowing authentication with a U2F device

pkgs.pamixer

Pulseaudio command line mixer

  • nixos-unstable 1.6
    • nixpkgs-unstable 1.6
    • nixos-unstable-small 1.6

pkgs.pam_krb5

PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC

pkgs.pam_ldap

LDAP backend for PAM

  • nixos-unstable 186
    • nixpkgs-unstable 186
    • nixos-unstable-small 186

pkgs.linux-pam

Pluggable Authentication Modules, a flexible mechanism for authenticating user

pkgs.ncpamixer

Terminal mixer for PulseAudio inspired by pavucontrol

pkgs.opam2json

convert opam file syntax to JSON

  • nixos-unstable 0.4
    • nixpkgs-unstable 0.4
    • nixos-unstable-small 0.4

pkgs.pam_gnupg

Unlock GnuPG keys on login

  • nixos-unstable 0.4
    • nixpkgs-unstable 0.4
    • nixos-unstable-small 0.4

pkgs.pam_mount

PAM module to mount volumes for a user session

  • nixos-unstable 2.20
    • nixpkgs-unstable 2.20
    • nixos-unstable-small 2.20

pkgs.pamtester

Utility program to test the PAM facility

pkgs.pam_ccreds

PAM module to locally authenticate using an enterprise identity when the network is unavailable

  • nixos-unstable 10
    • nixpkgs-unstable 10
    • nixos-unstable-small 10

pkgs.pam_mktemp

PAM for login service to provide per-user private directories

pkgs.pam_tmpdir

PAM module for creating safe per-user temporary directories

  • nixos-unstable 0.09
    • nixpkgs-unstable 0.09
    • nixos-unstable-small 0.09

pkgs.apparmor-pam

Mandatory access control system - PAM service

pkgs.opam-publish

Tool to ease contributions to opam repositories

pkgs.pam-reattach

Reattach to the user's GUI session on macOS during authentication (for Touch ID support in tmux)

  • nixos-unstable 1.3
    • nixpkgs-unstable 1.3
    • nixos-unstable-small 1.3

pkgs.pam-honeycreds

PAM module that sends warnings when fake passwords are used

  • nixos-unstable 1.9
    • nixpkgs-unstable 1.9
    • nixos-unstable-small 1.9

Package maintainers