VYPR

rpm package

opensuse/pam_pkcs11&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/pam_pkcs11&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2025-24531MedJan 16, 2026
    affected < 0.6.13-1.1fixed 0.6.13-1.1

    In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass.

  • CVE-2025-6018Jul 23, 2025
    affected < 0.6.13-2.1fixed 0.6.13-2.1

    A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for

  • CVE-2025-24032CriFeb 10, 2025
    affected < 0.6.13-1.1fixed 0.6.13-1.1

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a differe