Frankmorgner

#26587 of 53,632
9.7 Total CVSS
Vulnerabilities · 1
PT-2025-6041
9.7
2024-11-06
Unknown · Pam Pkcs11 · CVE-2025-24032
**Name of the Vulnerable Software and Affected Versions** pam_pkcs11 versions 0.6.0 through 0.6.12

**Description** PAM-PKCS#11 is a Linux-PAM login module that allows an X.509 certificate based user login. If `cert_policy` is set to `none` (the default value), then `pam_pkcs11` only checks whether the user is able to log in to the token. An attacker may create a different token with the user's public data (e.g. the user's certificate) and a PIN known to the attacker. If no signature with the private key is required, the attacker may then log in as that user with the created token. Approximately 11% of new vulnerabilities are related to improper authentication, with this issue being one of them.

**Recommendations** For versions 0.6.0 through 0.6.12, as a workaround, set at least `cert_policy = signature;` in `pam_pkcs11.conf`. This ensures that a signature made with the private key is checked, preventing unauthorized access with a token that merely carries the user's public data.
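As an added example (not code from the dbugs page or from the pam_pkcs11 project), the following POSIX shell audit script parses a `pam_pkcs11.conf`, reports every `pkcs11_module` block whose `cert_policy` lacks `signature`, and writes a constructed sample config in both the weak default and the corrected form. It assumes the stock `pkcs11_module <name> { ... }` layout with `cert_policy = a,b;` lines; the sample file contents are constructed.

```shell
#!/bin/sh
# Added example, not code from the dbugs page or the pam_pkcs11 project: audit a
# pam_pkcs11.conf for the "cert_policy = none" default that CVE-2025-24032 relies on.
# Assumes the stock layout, where each "pkcs11_module <name> { ... }" block may
# carry a "cert_policy = a,b;" line; the sample config below is constructed data.

# Print "<module> <policy>" for every pkcs11_module block. A block with no
# cert_policy line is reported as "none", because that is the default value.
list_cert_policies() {
  awk '
    /^[ \t]*pkcs11_module[ \t]/ { mod = $2; seen = 0; inblock = 1; next }
    inblock && /^[ \t]*cert_policy[ \t]*=/ {
      v = $0
      sub(/^[ \t]*cert_policy[ \t]*=[ \t]*/, "", v)
      sub(/[ \t]*;.*$/, "", v)   # strip the ";" terminator and any trailing comment
      gsub(/[ \t]/, "", v)
      print mod, v; seen = 1; next
    }
    inblock && /^[ \t]*[}]/ { if (!seen) print mod, "none"; inblock = 0 }
  ' "$1"
}

# Exit 0 when every module policy contains "signature" (the token must prove
# possession of the private key); otherwise report the weak module and exit 1.
check_cert_policy() {
  list_cert_policies "$1" | while read -r mod policy; do
    case ",$policy," in
      *,signature,*) ;;
      *) echo "WEAK: pkcs11_module $mod: cert_policy = $policy (no private-key proof)"
         exit 1 ;;
    esac
  done
}

# Write a constructed pam_pkcs11.conf with the given cert_policy, e.g. "none"
# (the shipped default) or "ca,signature" (the advisory's workaround applied).
write_sample_conf() {
  cat > "$1" <<EOF
pam_pkcs11 {
  use_pkcs11_module = opensc;
  pkcs11_module opensc {
    module = /usr/lib/opensc-pkcs11.so;
    cert_policy = $2;
  }
}
EOF
}
```

Source the script and run `check_cert_policy /etc/pam_pkcs11/pam_pkcs11.conf`; a non-zero exit means at least one module still accepts a token without a private-key signature.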