| ID |
CVE-2026-48982
|
| Sažetak |
pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a temporary file is created using open() without the O_EXCL flag. Without O_EXCL, the create operation is not atomic: two concurrent processes racing to update the same pad may both succeed in opening the file, with the second write silently overwriting the first. The one-time pad is the core replay-prevention mechanism of pam_usb. A successful race could result in the stored pad value diverging from what either process expected, potentially causing authentication failures or, in a precisely timed attack, creating a window for pad reuse. This issue has been fixed in version 0.9.2. |
| Reference |
|
| CVSS |
| Base: | 5.8 |
| Impact: | 4.7 |
| Exploitability: | 1.0 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
HIGH |
LOW |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| LOW |
HIGH |
LOW |
|
| CVSS vektor |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L |
| Zadnje važnije ažuriranje |
18-06-2026 - 20:16 |
| Objavljeno |
18-06-2026 - 20:16 |
