Security Advisory

CVE-2022-25327

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-25 11:00:14

Last updated 2025-04-21 13:56:22

Assigner Google

State PUBLISHED

Description

The PAM module for fscrypt doesnt adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the system. We recommend upgrading to version 0.3.3 or above

← Browse all CVEs View on cve.org ↗