Fluid Attacks Database

Description

PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pam_get_pwd will never initialize the password buffer pointer and as such cleanse will try to dereference an uninitialized pointer. On my system this pointer happens to have the value 3 most of the time when running sudo and as such it will segfault. The most likely impact to a system affected by this issue is an availability impact due to a daemon that uses PAM crashing. As of time of publication, a patch for the issue is unavailable.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
debian 11	pam-pkcs11	=0.6.11-4 \|\| =0.6.11-4+deb11u1 \|\| =0.6.12-1 \|\| =0.6.12-2 \|\| =0.6.13-1
debian 14	pam-pkcs11	=0.6.13-1
debian 12	pam-pkcs11	=0.6.12-1 \|\| =0.6.12-1+deb12u1 \|\| =0.6.12-2 \|\| =0.6.13-1
debian 13	pam-pkcs11	=0.6.13-1
rpm rhel7	pam_pkcs11	-
rpm rhel6	pam_pkcs11	-

Aliases

1. CVE-2025-240312. NVD-2025-240313. OSV-DEBIAN-2025-240314. OSV-2025-240315. SECURITY-TRACKER-CVE-2025-24031

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.