CVE-2024-9313
Name of the Vulnerable Software and Affected Versions:
Authd PAM module versions prior to 0.3.5
Description:
The issue stems from improper privilege management in the PAM module: a remote attacker can gain access to another user's account by invoking commands such as `su`, `sudo`, or `ssh` and modifying the PAM transaction those tools run. A broker-managed user can thereby impersonate any other user managed by the same broker and perform any PAM operation as that user, including authenticating as them.
Recommendations:
For Authd PAM module versions prior to 0.3.5, update to version 0.3.5 or later to resolve the issue.
As a temporary workaround, consider restricting the use of `su`, `sudo`, and `ssh` commands to minimize the risk of exploitation.
Additionally, ensure that the tools `su`, `sudo`, and `ssh` are updated to releases that include the corresponding fixes: a `su` release that includes https://github.com/util-linux/util-linux/pull/3206, an `ssh` release that includes https://github.com/openssh/openssh-portable/pull/521, and a `sudo` release that includes https://github.com/sudo-project/sudo/pull/412.
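To act on the first recommendation, an administrator needs to know whether the installed Authd PAM module predates 0.3.5. The script below is an added example, not part of this advisory or of the authd project; it assumes the Debian/Ubuntu package is named `authd` and that `dpkg-query` is available (both assumptions), and it accepts an explicit version string so the comparison can also be run against a version obtained some other way.

```shell
#!/bin/sh
# Added example (not from the advisory or the authd project): report whether the
# installed Authd PAM module is older than 0.3.5, the first release that fixes
# CVE-2024-9313.
# Assumptions: the package is named "authd" (assumed) and dpkg-query exists;
# otherwise pass the version as the first argument.

FIXED_VERSION="0.3.5"

# version_lt A B: return 0 when A is strictly lower than B.
# Handles dot-separated numeric components, a leading Debian epoch ("1:"),
# a trailing Debian revision ("-1ubuntu1") and missing components (treated as 0).
# Pre-release tags such as "rc1" are ignored, so "0.3.5rc1" compares as 0.3.5.
version_lt() {
    a=${1%%[-+~]*}; a=${a#*:}
    b=${2%%[-+~]*}; b=${b#*:}
    while [ -n "$a" ] || [ -n "$b" ]; do
        ca=${a%%.*}; cb=${b%%.*}
        # Drop the component just read (and its dot) from each version string.
        case $a in *.*) a=${a#*.} ;; *) a="" ;; esac
        case $b in *.*) b=${b#*.} ;; *) b="" ;; esac
        # Keep only the leading digits of each component; empty means 0.
        ca=${ca%%[!0-9]*}; cb=${cb%%[!0-9]*}
        ca=${ca:-0}; cb=${cb:-0}
        [ "$ca" -lt "$cb" ] && return 0
        [ "$ca" -gt "$cb" ] && return 1
    done
    return 1   # all components equal
}

# authd_status [VERSION]: print FIXED / VULNERABLE / UNKNOWN and return
# 0, 1 or 2 respectively. Without an argument the version is read from dpkg.
authd_status() {
    ver=$1
    if [ -z "$ver" ] && command -v dpkg-query >/dev/null 2>&1; then
        ver=$(dpkg-query -W -f='${Version}' authd 2>/dev/null)
    fi
    if [ -z "$ver" ]; then
        echo "UNKNOWN: authd version not found; pass it as an argument"
        return 2
    fi
    if version_lt "$ver" "$FIXED_VERSION"; then
        echo "VULNERABLE: authd $ver < $FIXED_VERSION (CVE-2024-9313)"
        return 1
    fi
    echo "FIXED: authd $ver >= $FIXED_VERSION"
    return 0
}

# Usage: ./check_authd.sh          (query dpkg)
#        ./check_authd.sh 0.3.4    (check an explicit version string)
if authd_status "${1:-}"; then :; else
    echo "check finished with status $?"   # 1 = vulnerable, 2 = unknown
fi
```

The version comparison deliberately strips the Debian epoch and revision before comparing, because `dpkg-query` reports the full package version (for example `0.3.4-1ubuntu1`); an operator who prefers the distribution's own semantics can substitute `dpkg --compare-versions "$ver" lt "$FIXED_VERSION"` for `version_lt`.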