Linux-pam: linux-pam directory traversal
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
Affected products
- *
- <1.7.1
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
Matching in nixpkgs
pkgs.pam
Pluggable Authentication Modules, a flexible mechanism for authenticating user
-
nixos-unstable -
- nixpkgs-unstable 1.7.1
pkgs.ipam
Cli based IPAM written in Go with PowerDNS support
-
nixos-unstable -
- nixpkgs-unstable 0.3.0-1
pkgs.paml
Phylogenetic Analysis by Maximum Likelihood (PAML)
-
nixos-unstable -
- nixpkgs-unstable 4.10.7
pkgs.openpam
Open source PAM library that focuses on simplicity, correctness, and cleanliness
-
nixos-unstable -
- nixpkgs-unstable 20230627
pkgs.pam_u2f
PAM module for allowing authentication with a U2F device
-
nixos-unstable -
- nixpkgs-unstable 1.4.0
pkgs.dopamine
Audio player that keeps it simple
-
nixos-unstable -
- nixpkgs-unstable 3.0.0-preview.39
pkgs.pam_krb5
PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC
-
nixos-unstable -
- nixpkgs-unstable krb5-4.11
pkgs.pam_ldap
LDAP backend for PAM
-
nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-02-22
pkgs.pam_rssh
PAM module for authenticating via ssh-agent, written in Rust
-
nixos-unstable -
- nixpkgs-unstable 1.2.0
pkgs.pam_ussh
PAM module to authenticate using SSH certificates
-
nixos-unstable -
- nixpkgs-unstable 0-unstable-2021-06-15
pkgs.linux-pam
Pluggable Authentication Modules, a flexible mechanism for authenticating user
-
nixos-unstable -
- nixpkgs-unstable 1.7.1
pkgs.ncpamixer
Terminal mixer for PulseAudio inspired by pavucontrol
-
nixos-unstable -
- nixpkgs-unstable 1.3.9
pkgs.pam_mount
PAM module to mount volumes for a user session
-
nixos-unstable -
- nixpkgs-unstable 2.20
pkgs.pam_mysql
PAM authentication module against a MySQL database
-
nixos-unstable -
- nixpkgs-unstable 1.0.0-beta2
pkgs.pam_pgsql
Support to authenticate against PostgreSQL for PAM-enabled appliations
-
nixos-unstable -
- nixpkgs-unstable 2020-05-05
pkgs.pam_ccreds
PAM module to locally authenticate using an enterprise identity when the network is unavailable
-
nixos-unstable -
- nixpkgs-unstable 10
pkgs.pam_mktemp
PAM for login service to provide per-user private directories
-
nixos-unstable -
- nixpkgs-unstable 1.1.1
pkgs.pam_rundir
Provide user runtime directory on Linux systems
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.pam_tmpdir
PAM module for creating safe per-user temporary directories
-
nixos-unstable -
- nixpkgs-unstable 0.09
pkgs.yubico-pam
Yubico PAM module
-
nixos-unstable -
- nixpkgs-unstable 2.27
pkgs.pam-watchid
PAM plugin module that allows the Apple Watch to be used for authentication
-
nixos-unstable -
- nixpkgs-unstable 2-unstable-2024-12-24
pkgs.apparmor-pam
Mandatory access control system - PAM service
-
nixos-unstable -
- nixpkgs-unstable 4.1.1
pkgs.opam-publish
Tool to ease contributions to opam repositories
-
nixos-unstable -
- nixpkgs-unstable 2.5.1
pkgs.pam-reattach
Reattach to the user's GUI session on macOS during authentication (for Touch ID support in tmux)
-
nixos-unstable -
- nixpkgs-unstable 1.3
pkgs.spamassassin
Open-Source Spam Filter
-
nixos-unstable -
- nixpkgs-unstable 4.0.1
pkgs.nss_pam_ldapd
LDAP identity and authentication for NSS/PAM
-
nixos-unstable -
- nixpkgs-unstable 0.9.13
pkgs.libpam-wrapper
Wrapper for testing PAM modules
-
nixos-unstable -
- nixpkgs-unstable 1.1.5
pkgs.opam-installer
Handle (un)installation from opam install files
-
nixos-unstable -
- nixpkgs-unstable 2.4.1
pkgs.pam-honeycreds
PAM module that sends warnings when fake passwords are used
-
nixos-unstable -
- nixpkgs-unstable 1.9
pkgs.rspamd-trainer
Grabs messages from a spam mailbox via IMAP and feeds them to Rspamd for training
-
nixos-unstable -
- nixpkgs-unstable 2023-11-27
pkgs.pam_ssh_agent_auth
PAM module for authentication through the SSH agent
-
nixos-unstable -
- nixpkgs-unstable 0.10.4
pkgs.rubyPackages.rpam2
None
-
nixos-unstable -
- nixpkgs-unstable rpam2-4.0.2
pkgs.decode-spam-headers
Script that helps you understand why your E-Mail ended up in Spam
-
nixos-unstable -
- nixpkgs-unstable 2022-09-22-unreleased
pkgs.haskellPackages.pam
Haskell binding for C PAM API
-
nixos-unstable -
- nixpkgs-unstable 0.2.0.0
pkgs.luaPackages.lua-pam
Lua module for PAM authentication
-
nixos-unstable -
- nixpkgs-unstable 2015-07-03
pkgs.google-authenticator
Two-step verification, with pam module
-
nixos-unstable -
- nixpkgs-unstable 1.11
pkgs.lua51Packages.lua-pam
Lua module for PAM authentication
-
nixos-unstable -
- nixpkgs-unstable 2015-07-03
pkgs.lua52Packages.lua-pam
Lua module for PAM authentication
-
nixos-unstable -
- nixpkgs-unstable 2015-07-03
pkgs.lua53Packages.lua-pam
Lua module for PAM authentication
-
nixos-unstable -
- nixpkgs-unstable 2015-07-03
pkgs.rubyPackages_3_1.rpam2
None
-
nixos-unstable -
- nixpkgs-unstable rpam2-4.0.2
pkgs.rubyPackages_3_2.rpam2
None
-
nixos-unstable -
- nixpkgs-unstable rpam2-4.0.2
pkgs.rubyPackages_3_3.rpam2
None
-
nixos-unstable -
- nixpkgs-unstable rpam2-4.0.2
pkgs.rubyPackages_3_4.rpam2
None
-
nixos-unstable -
- nixpkgs-unstable rpam2-4.0.2
pkgs.kdePackages.kwallet-pam
PAM Integration with KWallet - Unlock KWallet when you login
-
nixos-unstable -
- nixpkgs-unstable 6.4.5
pkgs.opensmtpd-filter-rspamd
OpenSMTPD filter integration for the Rspamd daemon
-
nixos-unstable -
- nixpkgs-unstable 0.1.8
pkgs.python312Packages.pamqp
RabbitMQ Focused AMQP low-level library
-
nixos-unstable -
- nixpkgs-unstable 3.3.0
pkgs.python313Packages.pamqp
RabbitMQ Focused AMQP low-level library
-
nixos-unstable -
- nixpkgs-unstable 3.3.0
pkgs.sbclPackages.cl-xmlspam
None
-
nixos-unstable -
- nixpkgs-unstable 20101006-http
pkgs.python312Packages.pamela
PAM interface using ctypes
-
nixos-unstable -
- nixpkgs-unstable 1.2.0
pkgs.python313Packages.pamela
PAM interface using ctypes
-
nixos-unstable -
- nixpkgs-unstable 1.2.0
pkgs.stalwart-mail-spam-filter
Secure & modern all-in-one mail server Stalwart (spam-filter module)
-
nixos-unstable -
- nixpkgs-unstable 2.0.3
pkgs.python312Packages.pypamtest
Wrapper for testing PAM modules
-
nixos-unstable -
- nixpkgs-unstable 1.1.5
pkgs.python313Packages.pypamtest
Wrapper for testing PAM modules
-
nixos-unstable -
- nixpkgs-unstable 1.1.5
pkgs.python312Packages.python-pam
Python pam module
-
nixos-unstable -
- nixpkgs-unstable 2.0.2
pkgs.python313Packages.python-pam
Python pam module
-
nixos-unstable -
- nixpkgs-unstable 2.0.2
pkgs.wordpressPackages.plugins.antispam-bee
None
-
nixos-unstable -
- nixpkgs-unstable 2.11.7
pkgs.matrix-synapse-plugins.matrix-synapse-pam
PAM auth provider for the Synapse Matrix server
-
nixos-unstable -
- nixpkgs-unstable 0.1.3
pkgs.matrix-synapse-plugins.synapse-http-antispam
Synapse module that forwards spam checking to an HTTP server
-
nixos-unstable -
- nixpkgs-unstable 0.5.0
pkgs.matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
AntiSpam / Banlist plugin to be used with mjolnir
-
nixos-unstable -
- nixpkgs-unstable 1.11.0
pkgs.vscode-extensions.fabiospampinato.vscode-open-in-github
VS Code extension to open the current project or file in github.com
-
nixos-unstable -
- nixpkgs-unstable 2.3.1
Package maintainers
-
@ju1m Julien Moutinho <julm+nixpkgs@sourcephile.fr>
-
@LordGrimmauld Sören Bender <soeren@benjos.de>
-
@thoughtpolice Austin Seipp <aseipp@pobox.com>
-
@Guanran928 Guanran Wang <guanran928@outlook.com>
-
@ern775 Eren Demir <eren.demir2479090@gmail.com>
-
@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
-
@K900 Ilya K. <me@0upti.me>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@traxys Quentin Boyer <quentin+dev@familleboyer.net>
-
@jojosch Johannes Schleifenbaum <johannes@js-webcoding.de>
-
@sumnerevans Sumner Evans <me@sumnerevans.com>
-
@astro Astro <astro@spaceboyz.net>
-
@tanneberger Tassilo Tanneberger <revol-xut@protonmail.com>
-
@gshipunov Grigory Shipunov <blame@oxapentane.com>
-
@niols Nicolas Jeannerod <niols@niols.fr>
-
@balsoft Alexander Bantyev <balsoft75@gmail.com>
-
@matthewbauer Matthew Bauer <mjbauer95@gmail.com>
-
@Flakebi Sebastian Neubauer <flakebi@t-online.de>
-
@h7x4 h7x4 <h7x4@nani.wtf>
-
@lockejan Jan Schmitt <git@smittie.de>
-
@Samasaur1 Samasaur <sam@samasaur.com>
-
@majiru Jacob Moody <moody@posixcafe.org>
-
@wladmis Wladmis <dev@wladmis.org>
-
@NetaliDev Jennifer Graul <me@netali.de>
-
@sbourdeauducq Sébastien Bourdeauducq <sb@m-labs.hk>
-
@Kranzes Ilan Joselevich <personal@ilanjoselevich.com>
-
@XYenon XYenon <i@xyenon.bid>
-
@aanderse Aaron Andersen <aaron@fosslib.net>
-
@peterhoeg Peter Hoeg <peter@hoeg.com>
-
@philandstuff Philip Potter <philip.g.potter@gmail.com>
-
@lukegb Luke Granger-Brown <nix@lukegb.com>
-
@thiagokokada Thiago K. Okada <thiagokokada@gmail.com>
-
@dotlambda Robert Schütz <rschuetz17@gmail.com>
-
@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
-
@avnik Alexander V. Nikolaev <avn@avnik.info>
-
@nlewo Antoine Eiche <lewo@abesis.fr>
-
@globin Robin Gloster <mail@glob.in>
-
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
-
@onny Jonas Heinrich <onny@project-insanity.org>
-
@nagy Daniel Nagy <danielnagy@posteo.de>
-
@lukego Luke Gorrie <luke@snabb.co>
-
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
-
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
-
@hraban Hraban Luyat <hraban@0brg.net>
-
@qknight Joachim Schiele <js@lastlog.de>
-
@alyssais Alyssa Ross <hi@alyssa.is>
-
@norpl Syd Lightyear <norpol+nixpkgs@exaple.org>
-
@Pandapip1 Gavin John <gavinnjohn@gmail.com>
-
@happysalada Raphael Megzari <raphael@megzari.com>
-
@oddlama oddlama <oddlama@oddlama.org>