
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pa…

Published:

26 May 2026 at 22:00:00

Alert date:

27 May 2026 at 21:06:41

Source:

nvd.nist.gov


Operating Systems, Identity & Access

CVE-2026-48064 affects pam_usb, a hardware authentication system for Linux using removable media. Prior to version 0.9.1, when deny_remote=false is configured (common for display managers like gdm-password or lightdm), the PAM_RHOST check is bypassed. This allows remote XDMCP connections to reach USB device authentication instead of being properly rejected. The vulnerability enables remote attackers to bypass intended authentication restrictions when the system is misconfigured with deny_remote=false. The issue is fixed in version 0.9.1.
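A configuration audit for the condition described above, as an added example that is not taken from the advisory or from the pam_usb project. It assumes pam_usb's XML configuration layout, in which settings appear as `<option name="deny_remote">` elements under `defaults` or under an element carrying an `id` such as `service`; the sample configuration and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample configuration (assumed pam_usb XML layout, not from the advisory).
SAMPLE_CONF = """<configuration>
  <defaults>
    <option name="deny_remote">true</option>
  </defaults>
  <services>
    <service id="gdm-password">
      <option name="deny_remote">false</option>
    </service>
    <service id="lightdm">
      <option name="deny_remote">false</option>
    </service>
    <service id="sudo">
      <option name="quiet">true</option>
    </service>
  </services>
</configuration>"""

FIXED_VERSION = (0, 9, 1)  # first fixed release, per the advisory


def deny_remote_disabled(conf_xml):
    """Return the scopes (e.g. 'defaults', 'service:lightdm') that set deny_remote to false."""
    root = ET.fromstring(conf_xml)
    # ElementTree has no parent pointers, so build a child -> parent map first.
    parents = {child: parent for parent in root.iter() for child in parent}
    hits = []
    for opt in root.iter("option"):
        if opt.get("name") != "deny_remote" or opt not in parents:
            continue
        # Compare case-insensitively so odd spellings are flagged rather than missed.
        if (opt.text or "").strip().lower() != "false":
            continue
        scope = parents[opt]
        ident = scope.get("id")
        hits.append(f"{scope.tag}:{ident}" if ident else scope.tag)
    return sorted(hits)


def exposed_scopes(conf_xml, installed_version):
    """Scopes meeting both advisory conditions: version below 0.9.1 and deny_remote=false."""
    version = tuple(int(part) for part in installed_version.split("."))
    return deny_remote_disabled(conf_xml) if version < FIXED_VERSION else []


if __name__ == "__main__":
    for scope in exposed_scopes(SAMPLE_CONF, "0.9.0"):
        print(f"deny_remote=false on a pre-0.9.1 install: {scope}")
```

Any scope it reports on a host that also accepts XDMCP connections matches the situation the advisory describes and is a candidate for upgrading to 0.9.1.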

Affected products:

pam_usb
gdm-password
lightdm


This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website displays information originating from external sources; Perceptive accepts no responsibility for the accuracy, completeness or timeliness of this information.
