VDB
DEBIAN-CVE-2024-47191
DEBIAN-CVE-2024-47191
PUBLISHED
CVSS 7.099999904632568 HIGH
pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink.
Risk Scores
CVSS 3.1
7.099999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | oath-toolkit | 0, 0 |
| Debian:12 | oath-toolkit | 0, 2.6.7-3.1, 0 |
| Debian:13 | oath-toolkit | 0, 0 |
Timeline
- Oct 9, 2024 CVE Published
- Apr 28, 2026 CVE Updated