CVE-2018-9275 - OpenCVE

In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Yubico	Yubico Pam

Configuration 1 [-]

cpe:2.3:a:yubico:yubico_pam:*:*:*:*:*:yubico:*:*

References

Link	Resource
https://bugzilla.opensuse.org/show_bug.cgi?id=1088027	Issue Tracking Third Party Advisory
https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba	Patch
https://github.com/Yubico/yubico-pam/issues/136	Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:21:57

Updated: 2022-10-03T16:21:57

Reserved: 2022-10-03T00:00:00

Link: CVE-2018-9275

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-04-04T18:29:02.497

Modified: 2018-05-21T15:33:02.277

Link: CVE-2018-9275

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:21:57", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Yubico/yubico-pam/issues/136"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-9275", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027", "refsource": "CONFIRM", "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"name": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba", "refsource": "CONFIRM", "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"name": "https://github.com/Yubico/yubico-pam/issues/136", "refsource": "CONFIRM", "url": "https://github.com/Yubico/yubico-pam/issues/136"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-9275", "datePublished": "2022-10-03T16:21:57", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:21:57", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yubico:yubico_pam:*:*:*:*:*:yubico:*:*", "matchCriteriaId": "2D66C6C0-64A8-44DF-A65E-1F17F4C98839", "versionEndIncluding": "2.25", "versionStartIncluding": "2.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)."}, {"lang": "es", "value": "En check_user_token en util.c en el m\u00f3dulo Yubico PAM (tambi\u00e9n conocido como pam_yubico), de la versi\u00f3n 2.18 hasta la 2.25, los inicios de sesi\u00f3n exitosos pueden filtrar descriptores de archivo al archivo de mapeo auth. Esto puede conducir a una divulgaci\u00f3n de informaci\u00f3n (n\u00famero de serie de un dispositivo) y/o una denegaci\u00f3n de servicio (alcance del n\u00famero m\u00e1ximo de descriptores de archivo)."}], "id": "CVE-2018-9275", "lastModified": "2018-05-21T15:33:02.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-04T18:29:02.497", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/Yubico/yubico-pam/issues/136"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}