PT-2018-3755 · Fedora+2 · Setup+2
Doran Moppert · Published 2018-04-24 · Updated 2019-10-09 · CVE-2018-1113
CVSS v3.1: 5.3 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
setup versions prior to 2.11.4-1.fc28
Description
The issue is related to errors in authorization. It violates security assumptions made by pam_shells and some daemons, which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users who had their shell changed to /sbin/nologin could still access the system. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.
Recommendations
For versions prior to 2.11.4-1.fc28, update to version 2.11.4-1.fc28 or later to resolve the issue. As a temporary workaround, consider restricting access to the pam_shells module until a patch is available. Avoid listing /sbin/nologin and /usr/sbin/nologin in /etc/shells to minimize the risk of exploitation.
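An audit for the condition described above, as an added example that is not part of the advisory or the setup package: it reports nologin entries listed in a shells file and the accounts whose login shell is one of them. The function names are hypothetical and the sample records in `demo` are constructed.

```shell
#!/bin/sh
# Added audit sketch for the condition in CVE-2018-1113 (not vendor code).
# Paths default to the real files; both can be overridden for offline checks.

# Print nologin-style entries found in a shells file.
nologin_in_shells() {
    shells_file=${1:-/etc/shells}
    # Drop comments and trailing whitespace, keep paths whose basename is nologin.
    sed -e 's/#.*//' -e 's/[[:space:]]*$//' "$shells_file" |
        grep -E '^/(.*/)?nologin$' || true
}

# Print "user:shell" for accounts whose login shell is a nologin entry that
# the shells file lists, i.e. accounts that a "shell is in /etc/shells"
# check such as pam_shells would accept.
accounts_passing_shell_check() {
    shells_file=${1:-/etc/shells}
    passwd_file=${2:-/etc/passwd}
    listed=$(nologin_in_shells "$shells_file")
    [ -n "$listed" ] || return 0          # nothing listed, nothing to report
    printf '%s\n' "$listed" | awk -F: '
        NR == FNR { bad[$0] = 1; next }   # first input: flagged shells
        ($7 in bad) { print $1 ":" $7 }   # second input: passwd records
    ' - "$passwd_file"
}

# Constructed sample data (not taken from any real host).
demo() {
    d=$(mktemp -d)
    printf '%s\n' '/bin/sh' '/bin/bash' '/sbin/nologin' \
        '/usr/sbin/nologin' > "$d/shells"
    printf '%s\n' 'alice:x:1000:1000::/home/alice:/bin/bash' \
        'svc:x:1001:1001::/home/svc:/sbin/nologin' \
        'old:x:1002:1002::/home/old:/usr/sbin/nologin' > "$d/passwd"
    accounts_passing_shell_check "$d/shells" "$d/passwd"
    rm -rf "$d"
}
demo
```

Called without arguments, both functions read /etc/shells and /etc/passwd; empty output means no nologin shell is listed.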
Fix
Incorrect Permission
Improper Authorization
Related identifiers
Affected products
CentOS
Red Hat
Setup