PT-2024-6647

3V1N0

Published: 2024-10-03 · Updated: 2025-08-26

CVE-2024-9313

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Authd PAM module versions prior to 0.3.5

Description: The issue stems from errors in privilege management in the Authd PAM module. A remote attacker can gain access to another user's account by executing commands such as su, sudo, or ssh and modifying their PAM transactions. This allows a broker-managed user to impersonate any other user managed by the same broker and perform any PAM operation as that user, including authenticating as them.

Recommendations: For Authd PAM module versions prior to 0.3.5, update to version 0.3.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the su, sudo, and ssh commands to reduce the risk of exploitation. Additionally, ensure that su, sudo, and ssh are updated to versions that include the corresponding fixes: a su (util-linux) version that includes https://github.com/util-linux/util-linux/pull/3206, an ssh version that includes https://github.com/openssh/openssh-portable/pull/521, and a sudo version that includes https://github.com/sudo-project/sudo/pull/412.

Fix

Weakness Enumeration

Improper Privilege Management
Improper Authentication

Related Identifiers

BDU:2024-07815
CVE-2024-9313
GHSA-X5Q3-C8RM-W787
GO-2024-3181
OPENSUSE-SU-2024:0350-1
OPENSUSE-SU-2024:14447-1
OPENSUSE-SU-2024_3911-1
OPENSUSE-SU-2025_0429-1
SUSE-SU-2024:3911-1
SUSE-SU-2025:0429-1

Affected Products

Authd Pam Module
Suse
Ssh
Su
Sudo