Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-CENTOS8-SYSTEMDPAM-2114402
- published 26 Jul 2021
- disclosed 20 Jul 2021
How to fix?
systemd-pam to version 0:239-45.el8_4.2 or higher.
Note: Versions mentioned in the description apply only to the upstream
systemd-pam package and not the
systemd-pam package as distributed by
How to fix? for
Centos:8 relevant fixed versions and status.
basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.