Home / mailings [USN-7761-1] PAM vulnerability
Posted on 22 September 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7761-1
September 22, 2025
pam vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
Summary:
PAM could allow unintended access to network services.
Software Description:
- pam: Pluggable Authentication Modules
Details:
It was discovered that the PAM pam_access module incorrectly parsed
certain rules as hostnames. An attacker could possibly use this issue to
spoof hostnames and bypass access restrictions.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libpam-modules 1.5.3-7ubuntu4.4
Ubuntu 24.04 LTS
libpam-modules 1.5.3-5ubuntu5.5
After a standard system update you need to reboot your computer to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7761-1
CVE-2024-10963
Package Information:
https://launchpad.net/ubuntu/+source/pam/1.5.3-7ubuntu4.4
https://launchpad.net/ubuntu/+source/pam/1.5.3-5ubuntu5.5
--===============5418937136458457468==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
