Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-9526

Опубликовано: 24 июн. 2025
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2025-9526: pam security update (IMPORTANT)

[1.5.1-25.0.1]

  • pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

[1.5.1-25]

  • pam_namespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96729

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

pam

1.5.1-25.0.1.el9_6

pam-devel

1.5.1-25.0.1.el9_6

pam-docs

1.5.1-25.0.1.el9_6

Oracle Linux x86_64

pam

1.5.1-25.0.1.el9_6

pam-devel

1.5.1-25.0.1.el9_6

pam-docs

1.5.1-25.0.1.el9_6

Связанные CVE

CVE-2025-6020

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2025-6020

CVSS3: 7.8
ubuntu
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

redhat логотип

CVE-2025-6020

CVSS3: 7.8
redhat
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

nvd логотип

CVE-2025-6020

CVSS3: 7.8
nvd
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

msrc логотип

CVE-2025-6020

CVSS3: 7.8
msrc
24 дня назад

Описание отсутствует

debian логотип

CVE-2025-6020

CVSS3: 7.8
debian
около 2 месяцев назад

A flaw was found in linux-pam. The module pam_namespace may use access ...