Double free security issue
Bug #949218 reported by Marc Deslauriers
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
python-pam (Ubuntu) | Fix Released | Medium | Marc Deslauriers |
Lucid | Fix Released | Medium | Marc Deslauriers |
Maverick | Fix Released | Medium | Marc Deslauriers |
Natty | Fix Released | Medium | Marc Deslauriers |
Oneiric | Fix Released | Medium | Marc Deslauriers |
Precise | Fix Released | Medium | Marc Deslauriers |
Bug Description
LSE discovered that by supplying a password containing a NULL-byte to the PyPAM module, a double-free condition is triggered. This leads to undefined behaviour and may allow remote code execution.
Changed in python-pam (Ubuntu Lucid):
status: New → Confirmed
Changed in python-pam (Ubuntu Maverick):
status: New → Confirmed
Changed in python-pam (Ubuntu Natty):
status: New → Confirmed
Changed in python-pam (Ubuntu Oneiric):
status: New → Confirmed
Changed in python-pam (Ubuntu Precise):
status: New → Confirmed
Changed in python-pam (Ubuntu Lucid):
importance: Undecided → Medium
Changed in python-pam (Ubuntu Maverick):
importance: Undecided → Medium
Changed in python-pam (Ubuntu Natty):
importance: Undecided → Medium
Changed in python-pam (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in python-pam (Ubuntu Precise):
importance: Undecided → Medium
Changed in python-pam (Ubuntu Lucid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in python-pam (Ubuntu Maverick):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in python-pam (Ubuntu Natty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in python-pam (Ubuntu Oneiric):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in python-pam (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
visibility: private → public
This bug was fixed in the package python-pam - 0.4.2-12.2ubuntu4

---------------
python-pam (0.4.2-12.2ubuntu4) precise; urgency=low

  * SECURITY UPDATE: possible code execution via double-free (LP: #949218)
    - PAMmodule.c: prevent double free in PyPAM_conv().
    - Thanks to Markus Vervier for the notification and the patch.
    - CVE-2012-1502

 -- Marc Deslauriers <email address hidden>  Thu, 08 Mar 2012 08:06:43 -0500