10 matches found
ROS-20250402-06
Vulnerability of pamsmauthenticate function of PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the authentication procedure and gain unauthorized access to protected...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : PAM-PKCS#11 vulnerabilities (USN-7363-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7363-1 advisory. Marcus Rckert and Matthias Gerstner discovered that PAM-PKCS11 did not properly handle certain...
Linux Distros Unpatched Vulnerability : CVE-2025-24032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if certpolicy is set to none the default value...
CVE-2025-24032 PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)
PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if certpolicy is set to none the default value, then pampkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user...
CVE-2025-24032 PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)
PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if certpolicy is set to none the default value, then pampkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user...
CVE-2025-24032
PAM-PKCS#11 (Linux-PAM) vulnerability CVE-2025-24032 affects pam_pkcs11-0.6.0 and later up to 0.6.12/0.6.13 era, where the default cert_policy of none may bypass private-key signature checks. An attacker could create a token containing the user’s public data (e.g., certificate) and a known PIN an...
CVE-2025-24031 PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN
PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pampkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pamgetpwd will never initialize the password...
CVE-2025-24031 PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN
PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pampkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pamgetpwd will never initialize the password...
CVE-2025-24031 PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN
PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pampkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pamgetpwd will never initialize the password...
PT-2025-6041 · Unknown +5 · Pam Pkcs11 +5
Name of the Vulnerable Software and Affected Versions: pam pkcs11 versions 0.6.0 through 0.6.12 Description: PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. If cert policy is set to none the default value, then pam pkcs11 will only check if the user is...