High severity7.4NVD Advisory· Published Nov 7, 2024· Updated Apr 15, 2026
CVE-2024-10963
CVE-2024-10963
Description
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- access.redhat.com/errata/RHSA-2024:10232nvd
- access.redhat.com/errata/RHSA-2024:10244nvd
- access.redhat.com/errata/RHSA-2024:10379nvd
- access.redhat.com/errata/RHSA-2024:10518nvd
- access.redhat.com/errata/RHSA-2024:10528nvd
- access.redhat.com/errata/RHSA-2024:10852nvd
- access.redhat.com/security/cve/CVE-2024-10963nvd
- bugzilla.redhat.com/show_bug.cginvd
- github.com/linux-pam/linux-pam/issues/834nvd
- github.com/linux-pam/linux-pam/pull/835nvd
News mentions
0No linked articles in our index yet.