CVE-2026-48066
MEDIUM
5,7
Source: [email protected]
Attack Vector: local
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: high
Description
AI Translation Available
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data race when the PAM stack is invoked concurrently from multiple threads. This vulnerability is fixed in 0.9.1.
362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
DraftCommon Consequences
Security Scopes Affected:
Availability
Confidentiality
Integrity
Access Control
Potential Impacts:
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Dos: Resource Consumption (Other)
Dos: Crash, Exit, Or Restart
Dos: Instability
Read Files Or Directories
Read Application Data
Execute Unauthorized Code Or Commands
Gain Privileges Or Assume Identity
Bypass Protection Mechanism
Applicable Platforms
Languages:
C, C++, Java
Technologies:
Mobile, ICS/OT
476
NULL Pointer Dereference
StableCommon Consequences
Security Scopes Affected:
Availability
Integrity
Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart
Execute Unauthorized Code Or Commands
Read Memory
Modify Memory
Applicable Platforms
Languages:
C, C++, Java, C#, Go
https://github.com/mcdope/pam_usb/issues/350
https://github.com/mcdope/pam_usb/issues/55
https://github.com/mcdope/pam_usb/security/advisories/GHSA-qg76-57wq-mpv6