CVE-2025-24531

CVSS v2.0

9.7

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:P

Name of the Vulnerable Software and Affected Versions pam pkcs11 (affected versions not specified)

Description The issue is related to errors in the authentication process of the PAM-PKCS#11 module in Linux operating systems, specifically concerning the pam sm authenticate() function. This could potentially allow a remote attacker to bypass authentication procedures and gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-393CWE-305

Related Identifiers

BDU:2025-01619

CVE-2025-24531

DSA-5864-1

GHSA-7MF6-RG36-QGCH

OPENSUSE-SU-2025:14738-1

SUSE-SU-2025:20130-1

SUSE-SU-2025:20225-1

USN-7363-1

Affected Products

Astra Linux

Linuxmint

Red Os

Ubuntu

Pam Pkcs11

CVE-2025-24531

Weakness Enumeration

Related Identifiers

Affected Products

References · 41