Double free security issue
Bug #949218 reported by
Marc Deslauriers
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python-pam (Ubuntu) |
Fix Released
|
Medium
|
Marc Deslauriers | ||
| Lucid |
Fix Released
|
Medium
|
Marc Deslauriers | ||
| Maverick |
Fix Released
|
Medium
|
Marc Deslauriers | ||
| Natty |
Fix Released
|
Medium
|
Marc Deslauriers | ||
| Oneiric |
Fix Released
|
Medium
|
Marc Deslauriers | ||
| Precise |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Bug Description
LSE discovered that by supplying a password containing a NULL-byte to the PyPAM module, a double-free condition is triggered. This leads to undefined behaviour and may allow remote code execution.
| Changed in python-pam (Ubuntu Lucid): | |
| status: | New → Confirmed |
| Changed in python-pam (Ubuntu Maverick): | |
| status: | New → Confirmed |
| Changed in python-pam (Ubuntu Natty): | |
| status: | New → Confirmed |
| Changed in python-pam (Ubuntu Oneiric): | |
| status: | New → Confirmed |
| Changed in python-pam (Ubuntu Precise): | |
| status: | New → Confirmed |
| Changed in python-pam (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in python-pam (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in python-pam (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in python-pam (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in python-pam (Ubuntu Precise): | |
| importance: | Undecided → Medium |
| Changed in python-pam (Ubuntu Lucid): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in python-pam (Ubuntu Maverick): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in python-pam (Ubuntu Natty): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in python-pam (Ubuntu Oneiric): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in python-pam (Ubuntu Precise): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in python-pam (Ubuntu Precise): | |
| status: | Confirmed → Fix Released |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #3 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #4 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #5 |
| Changed in python-pam (Ubuntu Lucid): | |
| status: | Confirmed → Fix Released |
| Changed in python-pam (Ubuntu Maverick): | |
| status: | Confirmed → Fix Released |
| Changed in python-pam (Ubuntu Natty): | |
| status: | Confirmed → Fix Released |
| Changed in python-pam (Ubuntu Oneiric): | |
| status: | Confirmed → Fix Released |
| visibility: | private → public |
To post a comment you must log in.
This bug was fixed in the package python-pam - 0.4.2-12.2ubuntu4
---------------
python-pam (0.4.2-12.2ubuntu4) precise; urgency=low
* SECURITY UPDATE: possible code execution via double-free (LP: #949218)
- PAMmodule.c: prevent double free in PyPAM_conv().
- Thanks to Markus Vervier for the notification and the patch.
- CVE-2012-1502
-- Marc Deslauriers <email address hidden> Thu, 08 Mar 2012 08:06:43 -0500