Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:9941 - Security Advisory
Issued:
2024-11-19
Updated:
2024-11-19

RHSA-2024:9941 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: pam security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pam is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

  • pam: libpam: Libpam vulnerable to read hashed password (CVE-2024-10041)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2319212 - CVE-2024-10041 pam: libpam: Libpam vulnerable to read hashed password

CVEs

  • CVE-2024-10041

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
x86_64
pam-1.5.1-21.el9_4.i686.rpm SHA-256: 4b60f52bec4b64fcd5e347c373606d42cc98b19e367c9d0743d69886d32991b8
pam-1.5.1-21.el9_4.x86_64.rpm SHA-256: 96cab1659ba5f7b987d9213b9a99b5f0b3436b4a12b64b977262c0e3358659d3
pam-debuginfo-1.5.1-21.el9_4.i686.rpm SHA-256: 47854ce8c04c542f6505b428b9f3a8a1f0e3c1e88ac68f99f6243ad82981e3ec
pam-debuginfo-1.5.1-21.el9_4.i686.rpm SHA-256: 47854ce8c04c542f6505b428b9f3a8a1f0e3c1e88ac68f99f6243ad82981e3ec
pam-debuginfo-1.5.1-21.el9_4.x86_64.rpm SHA-256: 58d0cfc3be7ad1f692102cad68422b87188e94e31afaaf2fb402cb4eeab9e905
pam-debuginfo-1.5.1-21.el9_4.x86_64.rpm SHA-256: 58d0cfc3be7ad1f692102cad68422b87188e94e31afaaf2fb402cb4eeab9e905
pam-debugsource-1.5.1-21.el9_4.i686.rpm SHA-256: f275cc1c4da848a509097279b299e85dc1868eaedb4a7c0b14529b46b7c7f8d1
pam-debugsource-1.5.1-21.el9_4.i686.rpm SHA-256: f275cc1c4da848a509097279b299e85dc1868eaedb4a7c0b14529b46b7c7f8d1
pam-debugsource-1.5.1-21.el9_4.x86_64.rpm SHA-256: 2bf2499a339d7b477f0e9b68d8f5d283da57c09853adf7fe6940748456a2c05d
pam-debugsource-1.5.1-21.el9_4.x86_64.rpm SHA-256: 2bf2499a339d7b477f0e9b68d8f5d283da57c09853adf7fe6940748456a2c05d
pam-devel-1.5.1-21.el9_4.i686.rpm SHA-256: 55cbcd9501075fd0423c095781ef9374e0684cf2a4ff94999f90f54f1a5a832a
pam-devel-1.5.1-21.el9_4.x86_64.rpm SHA-256: 91867bb4b4f398ca191c7bc7e8e7bdffbcdb2db70c1cd75255d4411f8c7ed16d
pam-docs-1.5.1-21.el9_4.x86_64.rpm SHA-256: d32c91a43da4b96061994c7cbd362c96eeadafb25dc01797d96ff238b72e06d1

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
x86_64
pam-1.5.1-21.el9_4.i686.rpm SHA-256: 4b60f52bec4b64fcd5e347c373606d42cc98b19e367c9d0743d69886d32991b8
pam-1.5.1-21.el9_4.x86_64.rpm SHA-256: 96cab1659ba5f7b987d9213b9a99b5f0b3436b4a12b64b977262c0e3358659d3
pam-debuginfo-1.5.1-21.el9_4.i686.rpm SHA-256: 47854ce8c04c542f6505b428b9f3a8a1f0e3c1e88ac68f99f6243ad82981e3ec
pam-debuginfo-1.5.1-21.el9_4.i686.rpm SHA-256: 47854ce8c04c542f6505b428b9f3a8a1f0e3c1e88ac68f99f6243ad82981e3ec
pam-debuginfo-1.5.1-21.el9_4.x86_64.rpm SHA-256: 58d0cfc3be7ad1f692102cad68422b87188e94e31afaaf2fb402cb4eeab9e905
pam-debuginfo-1.5.1-21.el9_4.x86_64.rpm SHA-256: 58d0cfc3be7ad1f692102cad68422b87188e94e31afaaf2fb402cb4eeab9e905
pam-debugsource-1.5.1-21.el9_4.i686.rpm SHA-256: f275cc1c4da848a509097279b299e85dc1868eaedb4a7c0b14529b46b7c7f8d1
pam-debugsource-1.5.1-21.el9_4.i686.rpm SHA-256: f275cc1c4da848a509097279b299e85dc1868eaedb4a7c0b14529b46b7c7f8d1
pam-debugsource-1.5.1-21.el9_4.x86_64.rpm SHA-256: 2bf2499a339d7b477f0e9b68d8f5d283da57c09853adf7fe6940748456a2c05d
pam-debugsource-1.5.1-21.el9_4.x86_64.rpm SHA-256: 2bf2499a339d7b477f0e9b68d8f5d283da57c09853adf7fe6940748456a2c05d
pam-devel-1.5.1-21.el9_4.i686.rpm SHA-256: 55cbcd9501075fd0423c095781ef9374e0684cf2a4ff94999f90f54f1a5a832a
pam-devel-1.5.1-21.el9_4.x86_64.rpm SHA-256: 91867bb4b4f398ca191c7bc7e8e7bdffbcdb2db70c1cd75255d4411f8c7ed16d
pam-docs-1.5.1-21.el9_4.x86_64.rpm SHA-256: d32c91a43da4b96061994c7cbd362c96eeadafb25dc01797d96ff238b72e06d1

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
s390x
pam-1.5.1-21.el9_4.s390x.rpm SHA-256: 37fdea489f5d8d9baf222521822e6a61616340f960ec59ace0c1d54e244e0ee4
pam-debuginfo-1.5.1-21.el9_4.s390x.rpm SHA-256: 9934331c2d9776adce44c8670791610ae2bf02d1da731f8c8152b2f8ac52d38a
pam-debuginfo-1.5.1-21.el9_4.s390x.rpm SHA-256: 9934331c2d9776adce44c8670791610ae2bf02d1da731f8c8152b2f8ac52d38a
pam-debugsource-1.5.1-21.el9_4.s390x.rpm SHA-256: 1f91a371b73e17ecac962280826b40370431e752cedbb73e77e595cd24c47fcb
pam-debugsource-1.5.1-21.el9_4.s390x.rpm SHA-256: 1f91a371b73e17ecac962280826b40370431e752cedbb73e77e595cd24c47fcb
pam-devel-1.5.1-21.el9_4.s390x.rpm SHA-256: 3941aa005cb624e8b9f203a4c6424f19354803a5de662d9ca572eb4c1863af01
pam-docs-1.5.1-21.el9_4.s390x.rpm SHA-256: 6c8e54c3927a266071abf5c0e3d9baa5017f37c01de1c006b3f0c10e35600a8a

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
ppc64le
pam-1.5.1-21.el9_4.ppc64le.rpm SHA-256: ce1db0f986098e0fc7e91b3c1f88f0b1a5cc84ef2bceca9b3fc137a1d7191cfd
pam-debuginfo-1.5.1-21.el9_4.ppc64le.rpm SHA-256: 0424f971646dc7d37a208e5ecab85ccea3a2e382cfcc84eabf469c6b90e3be85
pam-debuginfo-1.5.1-21.el9_4.ppc64le.rpm SHA-256: 0424f971646dc7d37a208e5ecab85ccea3a2e382cfcc84eabf469c6b90e3be85
pam-debugsource-1.5.1-21.el9_4.ppc64le.rpm SHA-256: ce8cbcaab77a833b270008f4eb03a8efe4372a41df0d7b75a6b124316cc5cae7
pam-debugsource-1.5.1-21.el9_4.ppc64le.rpm SHA-256: ce8cbcaab77a833b270008f4eb03a8efe4372a41df0d7b75a6b124316cc5cae7
pam-devel-1.5.1-21.el9_4.ppc64le.rpm SHA-256: 897aa102e5031d589cf2be8f5cb2c96ff79c4fc5bba9dc6e71a00a3282ef0e79
pam-docs-1.5.1-21.el9_4.ppc64le.rpm SHA-256: a5c6d7c857c5230dbe96eb5360d95e37cb3311d0b8ba9b5f6eff0c7e8457b9d7

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
aarch64
pam-1.5.1-21.el9_4.aarch64.rpm SHA-256: aa148bc2be2ac289f196a046b53007eebe97b7ee5734985483fb558162a67837
pam-debuginfo-1.5.1-21.el9_4.aarch64.rpm SHA-256: c5bfa44a47ccc66b5c9a337d8fd2602afe7389ab3657e119eae7029a3cc276c8
pam-debuginfo-1.5.1-21.el9_4.aarch64.rpm SHA-256: c5bfa44a47ccc66b5c9a337d8fd2602afe7389ab3657e119eae7029a3cc276c8
pam-debugsource-1.5.1-21.el9_4.aarch64.rpm SHA-256: 9b5f443bcb68709aa044ebd135fdcc5242672963f1e56d6aac5eece32076bff7
pam-debugsource-1.5.1-21.el9_4.aarch64.rpm SHA-256: 9b5f443bcb68709aa044ebd135fdcc5242672963f1e56d6aac5eece32076bff7
pam-devel-1.5.1-21.el9_4.aarch64.rpm SHA-256: 649cd4210299a4078c88fe474878d33a9f75c7affe588f933f883b1feeba531e
pam-docs-1.5.1-21.el9_4.aarch64.rpm SHA-256: 5534396d2ab16c791fb8183d6f30f04e9a6bfff4098545796d5bcbc330dd1041

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
ppc64le
pam-1.5.1-21.el9_4.ppc64le.rpm SHA-256: ce1db0f986098e0fc7e91b3c1f88f0b1a5cc84ef2bceca9b3fc137a1d7191cfd
pam-debuginfo-1.5.1-21.el9_4.ppc64le.rpm SHA-256: 0424f971646dc7d37a208e5ecab85ccea3a2e382cfcc84eabf469c6b90e3be85
pam-debuginfo-1.5.1-21.el9_4.ppc64le.rpm SHA-256: 0424f971646dc7d37a208e5ecab85ccea3a2e382cfcc84eabf469c6b90e3be85
pam-debugsource-1.5.1-21.el9_4.ppc64le.rpm SHA-256: ce8cbcaab77a833b270008f4eb03a8efe4372a41df0d7b75a6b124316cc5cae7
pam-debugsource-1.5.1-21.el9_4.ppc64le.rpm SHA-256: ce8cbcaab77a833b270008f4eb03a8efe4372a41df0d7b75a6b124316cc5cae7
pam-devel-1.5.1-21.el9_4.ppc64le.rpm SHA-256: 897aa102e5031d589cf2be8f5cb2c96ff79c4fc5bba9dc6e71a00a3282ef0e79
pam-docs-1.5.1-21.el9_4.ppc64le.rpm SHA-256: a5c6d7c857c5230dbe96eb5360d95e37cb3311d0b8ba9b5f6eff0c7e8457b9d7

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
x86_64
pam-1.5.1-21.el9_4.i686.rpm SHA-256: 4b60f52bec4b64fcd5e347c373606d42cc98b19e367c9d0743d69886d32991b8
pam-1.5.1-21.el9_4.x86_64.rpm SHA-256: 96cab1659ba5f7b987d9213b9a99b5f0b3436b4a12b64b977262c0e3358659d3
pam-debuginfo-1.5.1-21.el9_4.i686.rpm SHA-256: 47854ce8c04c542f6505b428b9f3a8a1f0e3c1e88ac68f99f6243ad82981e3ec
pam-debuginfo-1.5.1-21.el9_4.i686.rpm SHA-256: 47854ce8c04c542f6505b428b9f3a8a1f0e3c1e88ac68f99f6243ad82981e3ec
pam-debuginfo-1.5.1-21.el9_4.x86_64.rpm SHA-256: 58d0cfc3be7ad1f692102cad68422b87188e94e31afaaf2fb402cb4eeab9e905
pam-debuginfo-1.5.1-21.el9_4.x86_64.rpm SHA-256: 58d0cfc3be7ad1f692102cad68422b87188e94e31afaaf2fb402cb4eeab9e905
pam-debugsource-1.5.1-21.el9_4.i686.rpm SHA-256: f275cc1c4da848a509097279b299e85dc1868eaedb4a7c0b14529b46b7c7f8d1
pam-debugsource-1.5.1-21.el9_4.i686.rpm SHA-256: f275cc1c4da848a509097279b299e85dc1868eaedb4a7c0b14529b46b7c7f8d1
pam-debugsource-1.5.1-21.el9_4.x86_64.rpm SHA-256: 2bf2499a339d7b477f0e9b68d8f5d283da57c09853adf7fe6940748456a2c05d
pam-debugsource-1.5.1-21.el9_4.x86_64.rpm SHA-256: 2bf2499a339d7b477f0e9b68d8f5d283da57c09853adf7fe6940748456a2c05d
pam-devel-1.5.1-21.el9_4.i686.rpm SHA-256: 55cbcd9501075fd0423c095781ef9374e0684cf2a4ff94999f90f54f1a5a832a
pam-devel-1.5.1-21.el9_4.x86_64.rpm SHA-256: 91867bb4b4f398ca191c7bc7e8e7bdffbcdb2db70c1cd75255d4411f8c7ed16d
pam-docs-1.5.1-21.el9_4.x86_64.rpm SHA-256: d32c91a43da4b96061994c7cbd362c96eeadafb25dc01797d96ff238b72e06d1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
aarch64
pam-1.5.1-21.el9_4.aarch64.rpm SHA-256: aa148bc2be2ac289f196a046b53007eebe97b7ee5734985483fb558162a67837
pam-debuginfo-1.5.1-21.el9_4.aarch64.rpm SHA-256: c5bfa44a47ccc66b5c9a337d8fd2602afe7389ab3657e119eae7029a3cc276c8
pam-debuginfo-1.5.1-21.el9_4.aarch64.rpm SHA-256: c5bfa44a47ccc66b5c9a337d8fd2602afe7389ab3657e119eae7029a3cc276c8
pam-debugsource-1.5.1-21.el9_4.aarch64.rpm SHA-256: 9b5f443bcb68709aa044ebd135fdcc5242672963f1e56d6aac5eece32076bff7
pam-debugsource-1.5.1-21.el9_4.aarch64.rpm SHA-256: 9b5f443bcb68709aa044ebd135fdcc5242672963f1e56d6aac5eece32076bff7
pam-devel-1.5.1-21.el9_4.aarch64.rpm SHA-256: 649cd4210299a4078c88fe474878d33a9f75c7affe588f933f883b1feeba531e
pam-docs-1.5.1-21.el9_4.aarch64.rpm SHA-256: 5534396d2ab16c791fb8183d6f30f04e9a6bfff4098545796d5bcbc330dd1041

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
pam-1.5.1-21.el9_4.src.rpm SHA-256: 6cc9872e58a64cf241ef5b6ca8b394fdeb60298e0223d1eca4e986824b6ac69a
s390x
pam-1.5.1-21.el9_4.s390x.rpm SHA-256: 37fdea489f5d8d9baf222521822e6a61616340f960ec59ace0c1d54e244e0ee4
pam-debuginfo-1.5.1-21.el9_4.s390x.rpm SHA-256: 9934331c2d9776adce44c8670791610ae2bf02d1da731f8c8152b2f8ac52d38a
pam-debuginfo-1.5.1-21.el9_4.s390x.rpm SHA-256: 9934331c2d9776adce44c8670791610ae2bf02d1da731f8c8152b2f8ac52d38a
pam-debugsource-1.5.1-21.el9_4.s390x.rpm SHA-256: 1f91a371b73e17ecac962280826b40370431e752cedbb73e77e595cd24c47fcb
pam-debugsource-1.5.1-21.el9_4.s390x.rpm SHA-256: 1f91a371b73e17ecac962280826b40370431e752cedbb73e77e595cd24c47fcb
pam-devel-1.5.1-21.el9_4.s390x.rpm SHA-256: 3941aa005cb624e8b9f203a4c6424f19354803a5de662d9ca572eb4c1863af01
pam-docs-1.5.1-21.el9_4.s390x.rpm SHA-256: 6c8e54c3927a266071abf5c0e3d9baa5017f37c01de1c006b3f0c10e35600a8a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility