CVE-2025-24031:在要求输入 PIN 时按下 Ctrl-C/Ctrl-D 导致段错误 当用户在输入 PIN 提示过程中按下 Ctrl-C 或 Ctrl-D 时,此漏洞会导致 PAM-PKCS#11 模块崩溃。虽然这个漏洞可能不会直接导致权限提升,但它可被用于破坏服务,或者有可能造成拒绝服务的情况。 建议 强烈建议使用 PAM-PKCS#11 的用户将其系统...
PAM-PKCS#11是OpenSC开源的一个登录模块。 PAM-PKCS#11 0.6.12及之前版本存在代码问题漏洞,该漏洞源于未正确处理用户取消输入PIN操作,导致段错误,可能导致使用PAM的守护进程崩溃。 参考资料 来源:github.com 链接:https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3a95e44fdf44b0d5a4b377db3179021380/src/pam_...
Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 02/14/2025 Created 02/15/2025 Added 02/14/2025 Modified 02/19/2025 Description Possible Authentication Bypass in Error Situations Solution(s) debian-upgrade-pam-pkcs11 References ...
4.136.1. RHBA-2012:0215 — pam_pkcs11 bug fix update An updated pam_pkcs11 package that fixes a bug is now available for Red Hat Enterprise Linux 5. The pam_pkcs11 package allows X.509 certificate-based user authentication. It provides access to the certificate and its dedicated private...
smart > card login is enabled and smart cards are autodetected. Even then, an > affected "gdm-smartcard" PAM stack still needs to be in place for the > issue to trigger. gdm-smartcard PAM stacks relying on pam_pkcs11 are > found in the GDM repository for: > > - Arch Linux [22]...
libpam-pkcs11_0.6.13-1_armhf.deb 130.2 KB 2025-02-09 05:47 libpam-pkcs11_0.6.13-1_i386.deb 153.4 KB 2025-02-09 05:47 pam-pkcs11_0.6.13-1.debian.tar.xz 70.5 KB 2025-02-09 05:26 pam-pkcs11_0.6.13-1.dsc 1.9 KB 2025-02-09 05:26 pam-pkcs11_0.6.13.orig.tar.gz 274.7 ...
I am trying to setup pam_pkcs11 using an OpenPGP card. Everything seems to work except the signature verification. Here is a snipped from the output: DEBUG:pam_pkcs11.c:618: certificate is valid and matches the user Checking signature DE...
pam_pkcs11.i686 0.6.2-24.2.el7 base pam_pkcs11.x86_64 0.6.2-24.2.el7 base pam_radius.x86_64 1.4.0-2.el7 epel pam_script.x86_64 1.1.8-1.el7 epel pam_snapper.i686 0.2.8-4.el7 base pam_snapper.x86_64 0.2.8-4.el7 base ...
etc/pam_pkcs11.conf.example.in # CRLs # "signature" Does a signature check to ensure that private # and public key matches # "no_signature" The only value that disables signature check Member Jakuje Feb 24, 2025 This needs to be updated also in the documentation. I initially ...
Linux OS - Version Oracle Linux 7.0 and later: Unable To Login Via Console With "Login incorrect" and Error "login: PAM unable to dlopen(/usr/lib64/security/pam_pkcs