Unrated severityNVD Advisory· Published Sep 19, 2022· Updated May 29, 2025
CVE-2022-28321
CVE-2022-28321
Description
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
3- download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/mitrex_refsource_MISC
- bugzilla.suse.com/show_bug.cgimitrex_refsource_MISC
- www.suse.com/security/cve/CVE-2022-28321.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.