CVE-2026-48064 pam_usb: PAM_RHOST check skipped when deny_remote=false allows XDMCP authentication bypass
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with denyremote=false in pamusb commonly done for display managers such as gdm-password or lightdm to bypass process/TTY heuristics for local sessions, the PAMRHOST...