CVE Vulnerabilities

CVE-2020-36394

Published: Jun 22, 2021 | Modified: Jun 29, 2021
CVSS 3.x
7
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
LOW

pam_setquota.c in the pam_setquota module before 2020-05-29 for Linux-PAM allows local attackers to set their quota on an arbitrary filesystem, in certain situations where the attackers home directory is a FUSE filesystem mounted under /home.

Affected Software

Name Vendor Start Version End Version
Pam_setquota Pam_setquota_project * 2020-05-29 (excluding)
Pam Ubuntu groovy *
Pam Ubuntu hirsute *
Pam Ubuntu impish *
Pam Ubuntu trusty *

References