CVE-2022-28321

Summary

CVE	CVE-2022-28321
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-09-19 22:15:00 UTC
Updated	2023-08-08 14:21:00 UTC
Description	The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Linux-pam	Linux-pam	All	All	All	All
Operating System	Opensuse	Tumbleweed	-	All	All	All

References

Reference	Source	Link	Tags
Bug 1197654 – VUL-0: CVE-2022-28321: pam: access denial bypass in pam_access.so	MISC	bugzilla.suse.com
Index of /source/distribution/openSUSE-current/repo/oss/src	MISC	download.opensuse.org
CVE-2022-28321 \| SUSE	MISC	www.suse.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

199131 Ubuntu Security Notification for PAM Vulnerability (USN-5825-1)
591406 Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)
904831 Common Base Linux Mariner (CBL-Mariner) Security Update for pam (12406)
905025 Common Base Linux Mariner (CBL-Mariner) Security Update for pam (12603)