CVE-2025-24531 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before…
Medium CVSS: 6.7

CVE-2025-24531

In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass.
Vendor
-
Product
-
CWE
CWE-393
Yayın Tarihi
2026-01-16 18:16:06
Güncelleme
2026-01-26 15:05:57
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-393 MEDIUM 2026

Referanslar

https://github.com/OpenSC/pam_pkcs11/releases https://github.com/OpenSC/pam_pkcs11/security/advisories/GHSA-7mf6-rg36-qgch https://www.openwall.com/lists/oss-security/2025/02/06/3 http://www.openwall.com/lists/oss-security/2025/02/06/3 http://www.openwall.com/lists/oss-security/2025/02/06/7