SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH

We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...

Important: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

RHEL 8 : pam (RHSA-2025:10359)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10359 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...

RHEL 8 : pam (RHSA-2025:10361)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10361 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...

RHEL 8 : pam (RHSA-2025:10358)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10358 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...

OESA-2025-1744 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-pam is a plug-in and unplugged system authentication software for Linux teams. There is a security vulnerability in Linux-pam. This...

OESA-2025-1743 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-pam is a plug-in and unplugged system authentication software for Linux teams. There is a security vulnerability in Linux-pam. This...

Important: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

SUSE-SU-2025:02001-1 Security update for pam

This update for pam fixes the following issues: - CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. - pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path bsc1244509...

OESA-2025-1600 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by...

OESA-2025-1599 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by...

Security update for apparmor

This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...

UBUNTU-CVE-2025-23013

In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module PAM that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has an issue...

[SECURITY] Fedora 41 Update: pam-1.6.1-7.fc41

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Important: Red Hat Security Advisory: pam:1.5.1 security update

An update for the pam:1.5.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Important: pam:1.5.1 security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: pam: Improper Hostname Interpretation in pamaccess Leads to Access Control Bypass CVE-2024-10963 For more details about the...

pam: libpam: Libpam vulnerable to read hashed password

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...

DEBIAN-CVE-2024-10041

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...

AZL-51729 CVE-2024-10041 affecting package pam for versions less than 1.5.3-4

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...