CVE-2026-47274
6.3 MEDIUM
pam_usb provides hardware authentication for Linux using ordinary removable media
Published: 2026-05-27 · Last updated: 2026-05-28
Severity and scoring
- CVSS: 6.3 MEDIUM
- Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
- CWE: CWE-427
Description
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rather than using absolute paths. An attacker who can influence the process environment during PAM authentication or tool execution could substitute malicious binaries. The affected tools are pamusb-check (src/tmux.c), pamusb-conf (tools/pamusb-conf), and pamusb-keyring-unlock-gnome (tools/pamusb-keyring-unlock-gnome). This vulnerability is fixed in 0.9.0.
Source: NVD
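The description above hinges on how a bare helper name is resolved through PATH. The following C sketch is an added example, not code from pam_usb or its fix: it shows a PATH search picking a constructed stand-in named `tmux` from a directory listed first, next to a launch routine that accepts only absolute paths and passes a fixed environment. The function names, the temp-directory layout and the fixed `PATH` value are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Approximates the PATH search done by execvp()/system(): the first directory
 * holding an executable file called `name` wins. 0 on success, -1 if none. */
int resolve_via_path(const char *name, const char *path_env, char *out, size_t n)
{
    char *copy = strdup(path_env), *save = NULL;
    struct stat st;
    int rc = -1;
    if (!copy) return -1;
    for (char *d = strtok_r(copy, ":", &save); d; d = strtok_r(NULL, ":", &save)) {
        snprintf(out, n, "%s/%s", d, name);
        if (stat(out, &st) == 0 && S_ISREG(st.st_mode) && (st.st_mode & 0111)) { rc = 0; break; }
    }
    free(copy);
    return rc;
}

/* Hardened launch (hypothetical helper): absolute path only, fixed environment,
 * so the caller's PATH is never consulted. Returns -1 if rejected or exec fails. */
int exec_fixed(const char *abs_path, char *const argv[])
{
    static char *const clean_env[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    if (!abs_path || abs_path[0] != '/') return -1;
    execve(abs_path, argv, clean_env);
    return -1;
}

/* Constructed scenario: a harmless file named "tmux" sits in a temp directory
 * listed first in PATH. Returns 1 if the PATH search resolves to it. */
int planted_binary_wins(void)
{
    char dir[] = "/tmp/path-demo-XXXXXX", fake[64], path[128], hit[128];
    if (!mkdtemp(dir)) return -1;
    snprintf(fake, sizeof fake, "%s/tmux", dir);
    FILE *f = fopen(fake, "w");
    if (!f) { rmdir(dir); return -1; }
    fputs("#!/bin/sh\n", f); fclose(f); chmod(fake, 0700);
    snprintf(path, sizeof path, "%s:/usr/bin:/bin", dir);
    int won = resolve_via_path("tmux", path, hit, sizeof hit) == 0 && strcmp(hit, fake) == 0;
    unlink(fake); rmdir(dir);
    return won;
}
int main(void) { printf("planted file wins PATH lookup: %d\n", planted_binary_wins()); return 0; }
```

When auditing a deployment, the same idea applies in reverse: any helper invoked by bare name from a PAM module or privileged tool is a candidate for this class of issue.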
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2026-47274
- [Other] https://github.com/mcdope/pam_usb/commit/1ee8745920388df48d001a8e61ba629071557937
- [Other] https://github.com/mcdope/pam_usb/commit/52a1fd6413b7ffcc1a5b58ce432be42e7bf0dbd0
- [Other] https://github.com/mcdope/pam_usb/commit/993e73d8bebb1d8e62677388de3402b6ec36b600
- [Other] https://github.com/mcdope/pam_usb/security/advisories/GHSA-pp29-w28g-r9h9
Related CVEs
Same CWE
- CVE-2026-5064 — Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow ...
- CVE-2026-50100 — Multiple printer drivers provided by Ricoh Company, Ltd (7.8 HIGH)
- CVE-2026-11967 — MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading a malicious DLL locat...
- CVE-2026-11879 — MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading malicious DLLs from a...
- CVE-2026-53813 — OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local ... (7.8 HIGH)