pam_usb
- <= 0.8.6
A vulnerability exists in pam_usb versions prior to 0.9.0, where the deny_remote feature incorrectly classifies IPv4-mapped IPv6 addresses as local. This misclassification allows an attacker with physical access to a registered USB device to authenticate over SSH as if they were at a local terminal, bypassing the intended remote authentication restrictions. The issue arises because the remote detection only checks the first word of the IPv6 address, leaving IPv4-mapped addresses unverified. This vulnerability is particularly relevant on systems with the SSH daemon configured to accept connections over IPv6.
Exploitation of this vulnerability allows for unauthorized authentication over SSH, bypassing local authentication requirements and potentially leading to unauthorized access on the affected system.
Users can upgrade to pam_usb version 0.9.0 or later to address this vulnerability.
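The following C program is an added illustration of the flaw class described above; it is not pam_usb's own code and makes no claim about how pam_usb's deny_remote check is actually written. It assumes the remote-host value is the address string a service such as sshd hands to PAM (PAM_RHOST) and contrasts a weak classifier that looks only at the text before the first ':' with a hardened one that parses the address and unwraps IPv4-mapped IPv6 addresses before deciding whether the caller is local. The sample addresses in main() are constructed for the demonstration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Weak classifier (assumed simplification of the flaw class): it inspects only
 * the text before the first ':'. "::1" and "::ffff:192.0.2.10" both begin with
 * an empty field, so an IPv4-mapped remote address is reported as local. */
int weak_is_local(const char *addr)
{
    char first[INET6_ADDRSTRLEN];
    const char *colon = strchr(addr, ':');
    size_t n = colon ? (size_t)(colon - addr) : strlen(addr);

    if (n >= sizeof first)
        return 0;
    memcpy(first, addr, n);
    first[n] = '\0';

    /* empty first word (address starts with "::") is taken to mean loopback */
    return first[0] == '\0' || strcmp(first, "127.0.0.1") == 0;
}

/* Returns 1 when the IPv4 address is in 127.0.0.0/8. */
static int v4_is_loopback(const struct in_addr *v4)
{
    return (ntohl(v4->s_addr) >> 24) == 127;
}

/* Hardened classifier: parses the address and treats it as local only if it is
 * IPv4 loopback, IPv6 loopback (::1), or an IPv4-mapped IPv6 address whose
 * embedded IPv4 address is loopback. Anything unparseable is treated as remote. */
int hardened_is_local(const char *addr)
{
    struct in_addr v4;
    struct in6_addr v6;

    if (inet_pton(AF_INET, addr, &v4) == 1)
        return v4_is_loopback(&v4);

    if (inet_pton(AF_INET6, addr, &v6) != 1)
        return 0;

    if (IN6_IS_ADDR_V4MAPPED(&v6)) {
        /* ::ffff:a.b.c.d -> the last four bytes carry the IPv4 address */
        memcpy(&v4, &v6.s6_addr[12], sizeof v4);
        return v4_is_loopback(&v4);
    }

    return IN6_IS_ADDR_LOOPBACK(&v6);
}

/* Policy helper for a deny_remote-style setting: USB-based authentication is
 * only permitted when the session is local. */
int usb_auth_permitted(int deny_remote, const char *rhost)
{
    if (!deny_remote)
        return 1;
    return hardened_is_local(rhost);
}

int main(void)
{
    /* constructed sample values, as sshd would pass them via PAM_RHOST */
    const char *samples[] = {
        "127.0.0.1", "::1", "::ffff:127.0.0.1",
        "192.0.2.10", "::ffff:192.0.2.10", "2001:db8::1",
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s weak=%d hardened=%d\n", samples[i],
               weak_is_local(samples[i]), hardened_is_local(samples[i]));
    return 0;
}
```

The line for `::ffff:192.0.2.10` is the one that matters: the weak check reports it as local while the hardened check, having unwrapped the embedded IPv4 address, reports it as remote. On hosts where sshd listens on IPv6, IPv4 clients typically appear in exactly this mapped form, which is why a first-word check is insufficient.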