PT-2025-4766 · Yubico · Pam-U2F
Matthias Gerstner
·
Published
2024-11-20
·
Updated
2025-10-14
·
CVE-2025-23013
CVSS v4.0
7.3
High
| Vector | AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Yubico pam-u2f versions prior to 1.3.1
Description
pam-u2f before 1.3.1 can be made to bypass authentication in some PAM configurations, which may lead to local privilege escalation. Exploitation requires access to the system as an unprivileged local user; depending on how the module is stacked, the attacker may also need the target user's password. The trigger is a provoked out-of-memory condition: when the module runs out of memory its result no longer blocks the login, so the attacker can skip the second factor in a two-factor stack, or log in without a password where pam_u2f is the only factor, in either case without presenting the registered security key.
Recommendations
Update to pam-u2f 1.3.1 or later; the fix changes how the module's pam_sm_authenticate() entry point handles the out-of-memory case. Until the update can be installed, restrict where the module is used: review every PAM stack that loads pam_u2f.so and do not depend on it in the configurations in which the bypass is possible (as a second factor, or as the only factor for password-less login).
Fix
LPE
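A triage helper, added here as an example and not part of this advisory or of the pam-u2f project: it decides whether a reported pam-u2f version is below 1.3.1 and lists every entry in a set of PAM stack files that loads pam_u2f.so, with its control value and module arguments, so the stacks that depend on the module can be reviewed. The PAM file contents are constructed samples and the function names are this example's own; authfile, cue and nouserok are real pam_u2f options used only as sample arguments. A distribution package carrying a backported fix keeps the old upstream version number and will still be flagged, so confirm a hit against the vendor's advisory.

```python
"""Triage helper for CVE-2025-23013 (pam-u2f before 1.3.1).

Added example, not part of the advisory or of the pam-u2f project.
It (1) decides whether a pam-u2f version string is in the affected
range and (2) parses PAM stack files to list every entry that loads
pam_u2f.so, with its control value and module arguments.
"""
import re

FIXED_VERSION = (1, 3, 1)  # first release with the fix, per the advisory


def parse_version(text: str) -> tuple:
    """Turn '1.3.0', 'v1.3.1' or '1.3.1-2ubuntu1' into a comparable tuple.

    Only the leading upstream part is compared; distro suffixes are
    dropped. A vendor backport keeps the old upstream number, so a hit
    from is_affected() means 'check the vendor advisory', not 'vulnerable'.
    """
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))  # '1.3' compares like '1.3.0'


def is_affected(version: str) -> bool:
    """True for any upstream pam-u2f release older than 1.3.1."""
    return parse_version(version) < FIXED_VERSION


# One PAM entry. The service column exists only in /etc/pam.conf, so it
# is optional; the control field is a keyword or a [key=value ...] group.
_PAM_LINE = re.compile(
    r"^\s*(?:(?P<service>\S+)\s+)?"
    r"(?P<type>-?(?:auth|account|password|session))\s+"
    r"(?P<control>\[[^\]]*\]|\S+)\s+"
    r"(?P<module>\S+)"
    r"(?:\s+(?P<args>.*))?$"
)


def pam_u2f_entries(config_text: str) -> list:
    """Return one dict per line that loads pam_u2f.so.

    Comments, blank lines and @include directives are skipped; backslash
    continuations are joined first (line numbers refer to the joined
    text). Both 'pam_u2f.so' and an absolute path ending in
    '/pam_u2f.so' count as the module.
    """
    joined = re.sub(r"\\\n", " ", config_text)
    found = []
    for lineno, line in enumerate(joined.splitlines(), 1):
        stripped = line.split("#", 1)[0].rstrip()
        if not stripped or stripped.startswith("@include"):
            continue
        m = _PAM_LINE.match(stripped)
        if not m:
            continue
        module = m.group("module")
        if module != "pam_u2f.so" and not module.endswith("/pam_u2f.so"):
            continue
        found.append({
            "line": lineno,
            "type": m.group("type"),
            "control": m.group("control"),
            "module": module,
            "args": (m.group("args") or "").split(),
        })
    return found


def triage(version: str, stacks: dict) -> list:
    """Findings for one host as a list of lines: the version verdict,
    then every pam_u2f entry found in each named stack file."""
    out = []
    if is_affected(version):
        out.append(f"pam-u2f {version}: AFFECTED, update to 1.3.1 or later")
    else:
        out.append(f"pam-u2f {version}: not in affected range")
    for name, text in stacks.items():
        for e in pam_u2f_entries(text):
            out.append(
                f"{name}:{e['line']} {e['type']} {e['control']} "
                f"{e['module']} {' '.join(e['args'])}".rstrip()
            )
    return out


# Constructed sample stacks, not real host files.
SAMPLE_SSHD_STACK = """\
# second-factor use: pam_u2f after the password modules
@include common-auth
auth required pam_u2f.so authfile=/etc/u2f_mappings cue
"""
SAMPLE_LOGIN_STACK = """\
# password-less use: the key alone is sufficient
auth sufficient pam_u2f.so cue nouserok
auth required   pam_unix.so
"""

if __name__ == "__main__":
    stacks = {"sshd": SAMPLE_SSHD_STACK, "login": SAMPLE_LOGIN_STACK}
    for line in triage("1.3.0", stacks):
        print(line)
```

Run it against the real files by reading /etc/pam.d/* into the stacks dict and passing the version reported by the package manager (for example `dpkg -s libpam-u2f` or `rpm -q pam_u2f`); the output is only an inventory of where the module is relied on, not a verdict on which of those stacks is exploitable.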
Affected Products
Linuxmint
Red Os
Suse
Ubuntu
Pam-U2F