Marcus Granado

**Name of the Vulnerable Software and Affected Versions** Linux-PAM versions 1.0.3 and earlier **Description** The issue is related to an integer signedness error in the pam StrTok function. This error can occur when a configuration file contains non-ASCII usernames. As a result, remote attackers might be able to cause a denial of service. Additionally, remote authenticated users might be able to obtain login access with a different user's non-ASCII username by making a login attempt. **Recommendations** For Linux-PAM versions 1.0.3 and earlier, update to a version later than 1.0.3 to resolve the issue.