CVE-2026-48792

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

CVE-2026-48064 pam_usb: PAM_RHOST check skipped when deny_remote=false allows XDMCP authentication bypass

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with denyremote=false in pamusb commonly done for display managers such as gdm-password or lightdm to bypass process/TTY heuristics for local sessions, the PAMRHOST...

pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained code vulnerabilities. This vulnerability stemmed from the fact that the src/log.c file contained a process-level static pointer; each PAM ca...

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contain security vulnerabilities. These vulnerabilities stem from the code in src/tmux.c, which reads the user’s $TMUX environment variable and insert...