CVE-2018-9275 - OpenCVE

In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Yubico	Yubico Pam

Configuration 1 [-]

cpe:2.3:a:yubico:yubico_pam:*:*:*:*:*:yubico:*:*

No data.

References

Link	Providers
https://bugzilla.opensuse.org/show_bug.cgi?id=1088027
https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba
https://github.com/Yubico/yubico-pam/issues/136

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-04-04T18:00:00Z

Updated: 2024-09-17T04:23:59.373Z

Reserved: 2018-04-04T00:00:00Z

Link: CVE-2018-9275

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-04-04T18:29:02.497

Modified: 2018-05-21T15:33:02.277

Link: CVE-2018-9275

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-04T18:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Yubico/yubico-pam/issues/136"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-9275", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027", "refsource": "CONFIRM", "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"name": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba", "refsource": "CONFIRM", "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"name": "https://github.com/Yubico/yubico-pam/issues/136", "refsource": "CONFIRM", "url": "https://github.com/Yubico/yubico-pam/issues/136"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:17:52.012Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/Yubico/yubico-pam/issues/136"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-9275", "datePublished": "2018-04-04T18:00:00Z", "dateReserved": "2018-04-04T00:00:00Z", "dateUpdated": "2024-09-17T04:23:59.373Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yubico:yubico_pam:*:*:*:*:*:yubico:*:*", "matchCriteriaId": "2D66C6C0-64A8-44DF-A65E-1F17F4C98839", "versionEndIncluding": "2.25", "versionStartIncluding": "2.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)."}, {"lang": "es", "value": "En check_user_token en util.c en el m\u00f3dulo Yubico PAM (tambi\u00e9n conocido como pam_yubico), de la versi\u00f3n 2.18 hasta la 2.25, los inicios de sesi\u00f3n exitosos pueden filtrar descriptores de archivo al archivo de mapeo auth. Esto puede conducir a una divulgaci\u00f3n de informaci\u00f3n (n\u00famero de serie de un dispositivo) y/o una denegaci\u00f3n de servicio (alcance del n\u00famero m\u00e1ximo de descriptores de archivo)."}], "id": "CVE-2018-9275", "lastModified": "2018-05-21T15:33:02.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-04T18:29:02.497", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.opensuse.org/show_bug.cgi?id=1088027"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/Yubico/yubico-pam/issues/136"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}