CVE-2024-47191 pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because in the context of PAM code running as root it mishandles usersfile access such as by calling fchown in the presence of a symlink.
ATT&CK techniques detected
T1556.003Pluggable Authentication Modules
56%
“cve - 2024 - 47191 pam _ oath. so in oath - toolkit 2. 6. 7 through 2. 6. 11 before 2. 6. 12 allows root privilege escalation because in the context of pam code running as root it mishandles usersfile access such as by calling fchown in the presence of a symlink. you need to enab…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Information published.