Part 2/12:
The initial vulnerability, CVE-2025-6018, revolves around Pluggable Authentication Modules (PAM), a flexible system that manages authentication for various applications on Linux and UNIX-like systems. PAM allows for dynamic modules to handle user verification, session management, and account policies.
In particular, openSUSE, a Linux distribution, had a flaw in its implementation of the PAM environment module. The root of the issue lay in the order in which it reads the environment configuration files. Environment variables are key-value pairs that inform processes about system states or preferences, such as the current directory, user permissions, or session states.