First published: Fri Oct 23 2020(Updated: )
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Illumos Illumos | <2020-10-22 | |
Joyent SmartOS | <20201022 | |
Omniosce Omnios | <r151030by | |
Omniosce Omnios | >=r151032<=r151032ay | |
Omniosce Omnios | >=r151034<r151034y |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-27678.
The severity of CVE-2020-27678 is critical with a score of 9.8.
CVE-2020-27678 affects illumos versions before 2020-10-22, OmniOS versions before r151030by, r151032ay, r151034y, and SmartOS versions before 20201022.
CVE-2020-27678 is a buffer overflow vulnerability in parse_user_name in lib/libpam/pam_framework.c.
Yes, a fix for CVE-2020-27678 is available. Please refer to the provided reference for more information.