pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.
Software | From | Fixed in |
---|---|---|
pam_mount / pam_mount | 0.10 | 0.10.x |
pam_mount / pam_mount | 0.11 | 0.11.x |
pam_mount / pam_mount | 0.12.2 | 0.12.2.x |
pam_mount / pam_mount | 0.13 | 0.13.x |
pam_mount / pam_mount | 0.15 | 0.15.x |
pam_mount / pam_mount | 0.16 | 0.16.x |
pam_mount / pam_mount | 0.17 | 0.17.x |
pam_mount / pam_mount | 0.18 | 0.18.x |
pam_mount / pam_mount | 0.19 | 0.19.x |
pam_mount / pam_mount | 0.20 | 0.20.x |
pam_mount / pam_mount | 0.21 | 0.21.x |
pam_mount / pam_mount | 0.26 | 0.26.x |
pam_mount / pam_mount | 0.27 | 0.27.x |
pam_mount / pam_mount | 0.28 | 0.28.x |
pam_mount / pam_mount | 0.29 | 0.29.x |
pam_mount / pam_mount | 0.31 | 0.31.x |
pam_mount / pam_mount | 0.32 | 0.32.x |
pam_mount / pam_mount | 0.35 | 0.35.x |
pam_mount / pam_mount | 0.35.1 | 0.35.1.x |
pam_mount / pam_mount | 0.37 | 0.37.x |
pam_mount / pam_mount | 0.38 | 0.38.x |
pam_mount / pam_mount | 0.39 | 0.39.x |
pam_mount / pam_mount | 0.40 | 0.40.x |
pam_mount / pam_mount | 0.41 | 0.41.x |
pam_mount / pam_mount | 0.43 | 0.43.x |
pam_mount / pam_mount | 0.44 | 0.44.x |
pam_mount / pam_mount | 0.45 | 0.45.x |