VYPR

Pam Pkcs11

by Opensc Project

Source repositories

CVEs (3)

  • CVE-2025-24032CriFeb 10, 2025
    risk 0.53cvss epss 0.01

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a…

  • CVE-2025-24531MedJan 16, 2026
    risk 0.37cvss 6.7epss 0.00

    In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass.

  • CVE-2025-24031MedFeb 10, 2025
    risk 0.33cvss epss 0.00

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never…