rpm package
suse/pam_pkcs11&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/pam_pkcs11&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-24531 | Med | 6.7 | | < 0.6.12-2.1 | 0.6.12-2.1 | Jan 16, 2026 | In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass. |
| CVE-2025-6018 | | — | | < 0.6.12-5.1 | 0.6.12-5.1 | Jul 23, 2025 | A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for |
| CVE-2025-24032 | Cri | — | | < 0.6.12-3.1 | 0.6.12-3.1 | Feb 10, 2025 | PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a differe |
| CVE-2025-24031 | Med | — | | < 0.6.12-3.1 | 0.6.12-3.1 | Feb 10, 2025 | PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never init |