An update for pam is now available for openEuler-22.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1600 Final 1.0 1.0 2025-06-06 Initial 2025-06-06 2025-06-06 openEuler SA Tool V1.0 2025-06-06 pam security update An update for pam is now available for openEuler-22.03-LTS-SP4 PAM (Pluggable Authentication Modules) is a system of libraries that handle the authentication tasks of applications (services) on the system. Security Fix(es): A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.(CVE-2024-10041) An update for pam is now available for openEuler-22.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium pam https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1600 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-10041 https://nvd.nist.gov/vuln/detail/CVE-2024-10041 openEuler-22.03-LTS-SP4 pam-1.5.2-12.oe2203sp4.src.rpm pam-1.5.2-12.oe2203sp4.x86_64.rpm pam-debuginfo-1.5.2-12.oe2203sp4.x86_64.rpm pam-debugsource-1.5.2-12.oe2203sp4.x86_64.rpm pam-devel-1.5.2-12.oe2203sp4.x86_64.rpm pam-help-1.5.2-12.oe2203sp4.noarch.rpm pam-1.5.2-12.oe2203sp4.aarch64.rpm pam-debuginfo-1.5.2-12.oe2203sp4.aarch64.rpm pam-debugsource-1.5.2-12.oe2203sp4.aarch64.rpm pam-devel-1.5.2-12.oe2203sp4.aarch64.rpm A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. 2025-06-06 CVE-2024-10041 openEuler-22.03-LTS-SP4 Medium 4.7 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N pam security update 2025-06-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1600