NULL pointer dereference in Opensc Pam_pkcs11
CVE-2025-24031
PAM-PKCS#11 is a Linux-PAM login module that allows an X.509 certificate-based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses Ctrl-C or Ctrl-D while being asked for a PIN. When a user enters no…
EPSS: 0.001 (3.7th percentile)
Affected products
- Opensc Pam_pkcs11 — versions <= 0.6.12
Weakness classification (CWE)