Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-10027

Опубликовано: 01 июл. 2025
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2025-10027: pam security update (IMPORTANT)

[1.3.1-37.0.1]

  • pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695]

[1.3.1-37]

  • pam_namespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96724

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

pam

1.3.1-37.0.1.el8_10

pam-devel

1.3.1-37.0.1.el8_10

Oracle Linux x86_64

pam

1.3.1-37.0.1.el8_10

pam-devel

1.3.1-37.0.1.el8_10

Связанные CVE

CVE-2025-6020

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2025-6020

CVSS3: 7.8
ubuntu
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

redhat логотип

CVE-2025-6020

CVSS3: 7.8
redhat
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

nvd логотип

CVE-2025-6020

CVSS3: 7.8
nvd
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

msrc логотип

CVE-2025-6020

CVSS3: 7.8
msrc
26 дней назад

Описание отсутствует

debian логотип

CVE-2025-6020

CVSS3: 7.8
debian
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access ...