Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-15099

Опубликовано: 03 сент. 2025
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2025-15099: pam security update (IMPORTANT)

[1.5.1-26.0.1]

  • pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

[1.5.1-26]

  • pam_namespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96729

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

pam

1.5.1-26.0.1.el9_6

pam-devel

1.5.1-26.0.1.el9_6

pam-docs

1.5.1-26.0.1.el9_6

Oracle Linux x86_64

pam

1.5.1-26.0.1.el9_6

pam-devel

1.5.1-26.0.1.el9_6

pam-docs

1.5.1-26.0.1.el9_6

Связанные CVE

CVE-2025-6020
CVE-2025-8941

Ссылки на источники

Связанные уязвимости

rocky логотип

RLSA-2025:14557

rocky
около 1 месяца назад

Important: pam security update

ubuntu логотип

CVE-2025-8941

CVSS3: 7.8
ubuntu
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

redhat логотип

CVE-2025-8941

CVSS3: 7.8
redhat
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

nvd логотип

CVE-2025-8941

CVSS3: 7.8
nvd
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

debian логотип

CVE-2025-8941

CVSS3: 7.8
debian
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly ...