CVE-2024-22365

ADVISORY - nist

Summary

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

EPSS Score⁠: 0.00084 (0.249)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-664⁠

Improper Control of a Resource Through its Lifetime

ADVISORY - redhat

CWE-277⁠

Insecure Inherited Permissions

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.