Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:14557

Опубликовано: 08 сент. 2025
Источник: rocky
Оценка: Important

Описание

Important: pam security update

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

  • linux-pam: Linux-pam directory Traversal (CVE-2025-6020)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
pami68638.el8_10pam-1.3.1-38.el8_10.i686.rpm
pamx86_6438.el8_10pam-1.3.1-38.el8_10.x86_64.rpm
pam-develi68638.el8_10pam-devel-1.3.1-38.el8_10.i686.rpm
pam-develx86_6438.el8_10pam-devel-1.3.1-38.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-6020
CVE-2025-8941

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-15099

oracle-oval
около 1 месяца назад

ELSA-2025-15099: pam security update (IMPORTANT)

ubuntu логотип

CVE-2025-8941

CVSS3: 7.8
ubuntu
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

redhat логотип

CVE-2025-8941

CVSS3: 7.8
redhat
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

nvd логотип

CVE-2025-8941

CVSS3: 7.8
nvd
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

debian логотип

CVE-2025-8941

CVSS3: 7.8
debian
2 месяца назад

A flaw was found in linux-pam. The pam_namespace module may improperly ...