CVE-2026-48985 | mcdope pam_usb up to 0.9.1 on Linux PAM Module pusb_is_loginctl_local Remote null pointer dereference (EUVD-2026-37924)
A vulnerability was found in mcdope pam_usb up to 0.9.1 on Linux. It has been rated as problematic. This affects the function pusb_is_loginctl_local of the component PAM Module. This manipulation of the argument Remote causes null pointer dereference.
This vulnerability appears as CVE-2026-48985. The attack requires local access. There is no available exploit.
Upgrading the affected component is advised.