Possible fingerjacking vulnerability: CVE-2024-37408
Bug #2069490 reported by
Yaron
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| pam (Ubuntu) |
Triaged
|
Undecided
|
Unassigned | ||
Bug Description
According to the aforementioned CVE, configuring fingerprint authorization for sudo poses a security threat.
It should either be mentioned as a warning or fixed otherwise.
Revision history for this message
| Mark Esler (eslerm) wrote | #1 |
| information type: | Private Security → Public Security |
Revision history for this message
| Yaron (sh-yaron) wrote | #2 |
| Changed in pam (Ubuntu): | |
| status: | New → Triaged |
To post a comment you must log in.
Is Ubuntu affected by default or is this an administrative choice?
https:/