2 matches found
CVE-2025-24531
The CVE-2025-24531 entry concerns OpenSC pam_pkcs11 before 0.6.13, where pam_sm_authenticate() may return PAM_IGNORE in various error conditions (e.g., smartcard errors before login). This behavior can allow authentication bypass. The open/public data provided identifies the affected component an...
UBUNTU-CVE-2025-24531
In OpenSC pampkcs11 before 0.6.13, pamsmauthenticate wrongly returns PAMIGNORE in many error situations such as an error triggered by a smartcard before login, allowing authentication bypass...