[Bug 2069490] Re: Possible fingerjacking vulnerability: CVE-2024-37408
Mark Esler
2069490 at bugs.launchpad.net
Mon Jun 17 00:44:06 UTC 2024
Is Ubuntu affected by default or is this an administrative choice?
https://www.openwall.com/lists/oss-security/2024/05/30/3
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/2069490
Title:
Possible fingerjacking vulnerability: CVE-2024-37408
Status in pam package in Ubuntu:
New
Bug description:
According to the aforementioned CVE, configuring fingerprint authorization for sudo poses a security threat.
It should either be mentioned as a warning or fixed otherwise.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2069490/+subscriptions
More information about the foundations-bugs
mailing list