Unrated severityNVD Advisory· Published Nov 27, 2018· Updated Sep 16, 2024
pam_access does not handle netmask matches correctly
CVE-2018-17953
Description
A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/pam&distro=openSUSE%20Tumbleweedpkg:rpm/suse/pam&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/pam&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015
< 1.5.2-1.1+ 2 more
- (no CPE)range: < 1.5.2-1.1
- (no CPE)range: < 1.3.0-6.6.1
- (no CPE)range: < 1.3.0-6.6.1
- SUSE/pamv5Range: 1.3.0
Patches
Vulnerability mechanics
References
1- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.