{"vulnerability": "CVE-2025-24031", "sightings": [{"uuid": "d3d25626-938d-4de2-bd10-33d25c9fdf2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24031", "type": "seen", "source": "https://t.me/cvedetector/17573", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24031 - Apache PAM-PKCS#11 X509 Certificate PIN Input Vulnerability (Segmentation Fault)\", \n  \"Content\": \"CVE ID : CVE-2025-24031 \nPublished : Feb. 10, 2025, 4:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never initialize the password buffer pointer and as such `cleanse` will try to dereference an uninitialized pointer. On my system this pointer happens to have the value 3 most of the time when running sudo and as such it will segfault. The most likely impact to a system affected by this issue is an availability impact due to a daemon that uses PAM crashing. As of time of publication, a patch for the issue is unavailable. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T18:45:48.000000Z"}, {"uuid": "74eec11a-f0d0-4018-b842-624ce88eb6a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24031", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhtx7nntan2e", "content": "", "creation_timestamp": "2025-02-10T20:10:05.507651Z"}, {"uuid": "97a0bc48-96b3-4a9c-8236-06cf18ed8830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24031", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113980358279860347", "content": "", "creation_timestamp": "2025-02-10T15:44:05.076219Z"}, {"uuid": "758e237c-7e93-44be-ba9e-33daaafa0279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24031", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtk6gilph2v", "content": "", "creation_timestamp": "2025-02-10T16:16:44.960867Z"}]}