Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Local-only race requiring a low-privilege account and precise timing drives AV:L, AC:H, PR:L; pad state corruption enabling replay justifies I:H with minor C and A impact.
Primary rating from Vendor (GitHub_M).
CVSS Vector (Vendor: GitHub_M)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Description (CVE.org)
pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a temporary file is created using open() without the O_EXCL flag. Without O_EXCL, the create operation is not atomic: two concurrent processes racing to update the same pad may both succeed in opening the file, with the second write silently overwriting the first. The one-time pad is the core replay-prevention mechanism of pam_usb. A successful race could result in the stored pad value diverging from what either process expected, potentially causing authentication failures or, in a precisely timed attack, creating a window for pad reuse. This issue has been fixed in version 0.9.2.
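The difference O_EXCL makes can be replayed deterministically in a single process. This is an added example, not code from pam_usb: `open_pad_tmp`, `first_pad_survives`, the pad strings and the scratch path are all hypothetical, and the two "updaters" are sequential calls standing in for two racing processes.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper, not pam_usb's own function: open the temp file for a
 * pad update. exclusive=0 is the create-without-O_EXCL pattern; exclusive=1
 * adds O_EXCL, so open() fails with EEXIST when the file already exists. */
static int open_pad_tmp(const char *tmp_path, int exclusive)
{
    return open(tmp_path, O_WRONLY | O_CREAT | (exclusive ? O_EXCL : 0), 0600);
}

/* Replays the interleaving in one process: updater A creates the temp file
 * and writes its pad, then updater B opens the same path and writes its own.
 * Returns 1 if A's pad is still on disk, 0 if B overwrote it, -1 on error.
 * tmp_path is a scratch file owned by the demo (constructed sample data). */
static int first_pad_survives(const char *tmp_path, int exclusive)
{
    char buf[10];
    int result = -1;

    unlink(tmp_path);                                  /* clean slate */
    int a = open_pad_tmp(tmp_path, exclusive);         /* updater A */
    if (a < 0)
        return -1;
    if (write(a, "PAD-FROM-A", 10) == 10) {
        int b = open_pad_tmp(tmp_path, exclusive);     /* updater B races in */
        int refused = (b < 0 && errno == EEXIST);      /* O_EXCL caught it */
        int wrote = (b >= 0 && write(b, "PAD-FROM-B", 10) == 10);
        int r = open(tmp_path, O_RDONLY);
        if ((refused || wrote) && r >= 0 && read(r, buf, 10) == 10)
            result = (memcmp(buf, "PAD-FROM-A", 10) == 0);
        if (b >= 0) close(b);
        if (r >= 0) close(r);
    }
    close(a);
    unlink(tmp_path);
    return result;
}

int main(void)
{
    printf("no O_EXCL: A's pad intact = %d\n", first_pad_survives("/tmp/pad-demo.tmp", 0));
    printf("O_EXCL:    A's pad intact = %d\n", first_pad_survives("/tmp/pad-demo.tmp", 1));
    return 0;
}
```

With O_EXCL the collision surfaces as an `EEXIST` error that the second updater has to handle, instead of two writers both believing their pad was stored.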
Analysis (AI)
Non-atomic one-time pad file creation in pam_usb prior to 0.9.2 exposes the core replay-prevention mechanism to a local race condition (CWE-362), allowing a precisely timed concurrent write to corrupt or reuse the stored OTP pad state. Systems running pam_usb as a PAM module for SSH, sudo, or login are affected on all versions before 0.9.2; successful exploitation could silently degrade hardware authentication integrity, creating a window for USB token replay attacks. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires all of the following: (1) a local account on the target Linux system with at least low-privilege access (PR:L per the provided CVSS vector); (2) pam_usb actively configured as a PAM module for a service on that system (SSH, sudo, console login, etc.); (3) the attacker's ability to initiate two or more concurrent authentication or pad-update events simultaneously - for example, by scripting parallel login attempts - to open the race window; and (4) precise timing to win the race (AC:H), requiring repeated attempts and favorable OS scheduler behavior. … |
| Risk Assessment | The CVSS 3.1 vector AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L yields a score of 5.8, which accurately reflects the threat model: local-only access (AV:L) and high attack complexity (AC:H) substantially constrain exploitability, but Integrity:High is justified because a successful race undermines the entire replay-prevention layer of the authentication system. … |
| Exploit Scenario | A local attacker with a low-privilege account on a Linux system using pam_usb scripts two simultaneous authentication attempts against the same PAM service, timing them to collide during the OTP pad temp file write. If the race is won, the second open() call overwrites the first process's pad update, leaving the on-disk value mismatched from both processes' expectations; in a precisely engineered case, the attacker arranges for the resulting stored pad to match a previously captured pad value, then presents the corresponding USB token to authenticate with a replayed credential. … |
| Remediation | Upgrade pam_usb to version 0.9.2 immediately; this release adds O_EXCL to the pad temp file creation call (PR #380) to make the operation atomic and eliminate the race window. … |
Authentication bypass in pam_usb before 0.9.1 allows remote unauthenticated attackers to reach the USB hardware-authenti
Authentication bypass in pam_usb prior to 0.9.0 lets a local user defeat the USB hardware-authentication factor by delet
Heap buffer overflow in pam_usb prior to 0.9.1 allows a local attacker with high privileges to corrupt heap memory on 32
XXE injection in pam_usb prior to 0.9.2 enables an attacker with write access to the root-owned configuration file to tr
XPath injection in pam_usb prior to 0.9.0 allows unauthenticated remote attackers to manipulate device-verification quer
PATH hijacking in pam_usb helper tools prior to version 0.9.0 allows a local low-privileged attacker who can manipulate
Environment variable injection in pam_usb prior to version 0.9.2 allows a local authenticated user to bypass hardware US
Symlink race condition in pam_usb prior to 0.9.2 allows a local attacker to redirect one-time pad files to an attacker-c
Concurrent PAM invocations in pam_usb prior to 0.9.1 expose a process-wide static pointer race condition in src/log.c, w
NULL pointer dereference in pam_usb 0.9.1 and below crashes PAM-integrated authentication services (sudo, login) when lo
Infinite loop denial-of-service in pam_usb 0.9.1 and earlier can permanently hang authentication processes such as sudo,
Insecure deallocation in pam_usb 0.9.1 and below leaves sensitive authentication material - including one-time pad (OTP)
Same weakness CWE-362 – Race Condition
EUVD-2026-37935