pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap
Description
pam_usb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree() memory release helper in src/mem.c calls free() without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read from disk — without clearing them and leaving that content in freed heap memory until it happens to be overwritten by a subsequent allocation. On a system where a use-after-free condition exists, or where a heap inspection primitive becomes available, this could allow recovery of pad values or other authentication material from freed memory regions. This is a defence-in-depth requirement consistent with prior hardening work in this codebase (GHSA-vx6f-rrqr-j87c applied explicit_bzero to some pad paths; this issue generalises the pattern to the central deallocation helper).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
Patches (1)
Vulnerability mechanics
Root cause
"The xfree() memory release helper calls free() without first zeroing the buffer contents, leaving sensitive cryptographic material in freed heap memory."
Attack vector
An attacker who can trigger a use-after-free condition or who has access to a heap inspection primitive could recover one-time pad values or other authentication material from freed memory regions [ref_id=1]. The advisory notes this is a defence-in-depth issue; no specific network path or payload shape is described, and the precondition is the existence of a separate memory disclosure vulnerability (use-after-free or heap inspection) on the target system [ref_id=1].
Affected code
The vulnerability is in `src/mem.c` in the `xfree()` memory release helper. `xfree()` calls `free()` without first zeroing the buffer contents, leaving sensitive data — including one-time pad bytes read from disk — in freed heap memory until it happens to be overwritten by a subsequent allocation [ref_id=1].
What the fix does
The patch modifies `xfree()` in `src/mem.c` to call `explicit_bzero(ptr, malloc_usable_size(ptr))` before `free()`, ensuring the buffer contents are cleared before the memory is released [ref_id=1]. `malloc_usable_size()` returns the actual usable allocation size (which may be slightly larger than the requested size due to alignment), making the zeroing complete and safe. The function is also marked `__attribute__((noinline))` to prevent a FORTIFY_SOURCE false positive that would otherwise occur when the compiler sees the allocation size and flags `malloc_usable_size()` as overflowing it [ref_id=1]. No call-site modifications are required.
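The helper in the shape the advisory describes, as an added example rather than pam_usb's own source (`wipe_usable`, `xfree_hardened` and `leftover_after_wipe` are assumed names), with a self-check that the wipe covers the whole usable chunk, including any bytes the allocator rounded the request up by:

```c
#define _GNU_SOURCE
#include <malloc.h>   /* malloc_usable_size(): glibc/musl extension */
#include <stdlib.h>
#include <string.h>   /* explicit_bzero() */

/* The wipe the fix adds. Clearing malloc_usable_size() bytes covers the
 * whole chunk even when the allocator rounded the request up. noinline
 * keeps FORTIFY_SOURCE from inlining this into a caller whose malloc()
 * size is visible and treating the larger usable size as an overflow.
 * Returns the number of bytes cleared. */
__attribute__((noinline))
size_t wipe_usable(void *ptr)
{
    size_t usable = malloc_usable_size(ptr);
    explicit_bzero(ptr, usable);
    return usable;
}

/* Post-fix shape of the helper (0.9.2): wipe, then free. Before the fix
 * the body was just free(ptr). Call sites need no change. */
void xfree_hardened(void *ptr)
{
    if (!ptr)
        return;
    wipe_usable(ptr);
    free(ptr);
}

/* Self-check: allocate `req` bytes, fill the whole usable chunk with
 * constructed pad bytes, wipe exactly as xfree_hardened() does, and count
 * the bytes still non-zero just before free(). 0 means the wipe is
 * complete; (size_t)-1 means allocation failed or usable size < req. */
size_t leftover_after_wipe(size_t req)
{
    unsigned char *pad = malloc(req);
    if (!pad)
        return (size_t)-1;
    size_t usable = malloc_usable_size(pad), live = 0;
    if (usable < req) {
        free(pad);
        return (size_t)-1;
    }
    memset(pad, 0xA5, usable);       /* constructed sample pad contents */
    wipe_usable(pad);
    for (size_t i = 0; i < usable; i++)
        live += pad[i] != 0;
    free(pad);
    return live;
}
```

Build with your distribution's hardening flags (for example `-O2 -D_FORTIFY_SOURCE=2`) to see that the noinline attribute keeps the larger usable size from being reported as an overflow.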
Preconditions
- config: A separate use-after-free vulnerability or a heap inspection primitive must be present on the system to read freed memory regions.
- input: The attacker must be able to exploit that separate memory disclosure condition to access freed heap memory.
Generated on Jun 19, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/mcdope/pam_usb/releases/tag/0.9.2 (x_refsource_MISC)
- github.com/mcdope/pam_usb/security/advisories/GHSA-rmp6-wfrq-wrrc (x_refsource_CONFIRM)
News mentions
No linked articles in our index yet.