Candidate: CVE-2022-25327
PublicDate: 2022-02-25 11:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25327
 https://www.openwall.com/lists/oss-security/2022/02/24/1
 https://github.com/google/fscrypt/commit/1a47718420317f893831b0223153d56005d5b02b
 https://github.com/google/fscrypt/commit/74e870b7bd1585b4b509da47e0e75db66336e576
 https://github.com/google/fscrypt/commit/b44fbe71e1e93c47050322af51725bac997641e0
Description:
 The PAM module for fscrypt doesn't adequately validate fscrypt metadata
 files, allowing users to create malicious metadata files that prevent other
 users from logging in. A local user can cause a denial of service by
 creating a fscrypt metadata file that prevents other users from logging
 into the system. We recommend upgrading to version 0.3.3 or above
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM]

Patches_fscrypt:
 upstream: https://github.com/google/fscrypt/commit/1a47718420317f893831b0223153d56005d5b02b
 upstream: https://github.com/google/fscrypt/commit/74e870b7bd1585b4b509da47e0e75db66336e576
 upstream: https://github.com/google/fscrypt/commit/b44fbe71e1e93c47050322af51725bac997641e0
upstream_fscrypt: released (0.3.3)
trusty_fscrypt: ignored (out of standard support)
xenial_fscrypt: ignored (out of standard support)
bionic_fscrypt: needed
focal_fscrypt: needed
impish_fscrypt: needed
jammy_fscrypt: not-affected (0.3.3-1)
devel_fscrypt: not-affected (0.3.3-1)