Login
From:
SUSE Security Team Blog
(Uncensored)
subscribe
pam_pkcs11: Possible Authentication Bypass in Error Situations (CVE-2025-24531) | SUSE Security Team Blog
https://security.opensuse.org/2025/02/06/pam-pkcs11-pam-ignore-auth-bypass.html
links
backlinks
Tagged with:
local
cve
pam
This PAM module allows to use smart cards as an authentication factor on Linux. In its 0.6.12 release the use of PAM_IGNORE return values introduced a regression that can lead to complete authentication bypass in some scenarios.
Roast topics
Find topics
Find it!
