VYPR

rpm package

suse/pam_pkcs11&distro=SUSE Linux Enterprise Micro 5.4

pkg:rpm/suse/pam_pkcs11&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Vulnerabilities (3)

  • CVE-2025-6018Jul 23, 2025
    affected < 0.6.10-150100.3.11.1fixed 0.6.10-150100.3.11.1

    A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for

  • CVE-2025-24032CriFeb 10, 2025
    affected < 0.6.10-150100.3.6.1fixed 0.6.10-150100.3.6.1

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a differe

  • CVE-2025-24031MedFeb 10, 2025
    affected < 0.6.10-150100.3.6.1fixed 0.6.10-150100.3.6.1

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never init