Credentials Management Errors
CVE-2022-25327
Summary
The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the system. We recommend upgrading to version 0.3.3 or above
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- NONE
- HIGH
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
Advisory Timeline
- Published