Zinx Verituse

**Name of the Vulnerable Software and Affected Versions** ide-cd (affected versions not specified) cdrecord versions 2.01.0.a32 cdrtools versions 2.01.0.a32 pam versions 0.75 pam-devel versions 0.75 cdrecord-devel versions 2.01.0.a32 **Description** The issue allows local users to bypass read-only access and perform unauthorized write and erase operations. Multiple vulnerabilities in the cdrecord, cdrtools, pam, pam-devel, and cdrecord-devel packages of Red Hat Enterprise Linux can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally by an attacker who has passed the authentication procedure. **Recommendations** For ide-cd, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For cdrecord versions 2.01.0.a32, consider restricting access to the SG IO functionality until a patch is available. For cdrtools versions 2.01.0.a32, avoid using the vulnerable package until the issue is resolved. For pam versions 0.75, restrict access to the vulnerable module to minimize the risk of exploitation. For pam-devel versions 0.75, consider disabling the vulnerable functions until a patch is available. For cdrecord-devel versions 2.01.0.a32, restrict access to the vulnerable package to minimize the risk of exploitation.