CVE-2025-6020

Опубликовано: 17 июн. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.8

Описание

The module pam_namespace in linux-pam <= 1.7.0 may access user-controlled paths without proper protections, which allows a local user to elevate their privileges to root via multiple symlink attacks and race conditions

Релиз	Статус	Примечание
devel	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
oracular	needs-triage
plucky	needs-triage
upstream	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2025-6020

EPSS

Процентиль: 4%

0.0002

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2025-6020

CVSS3: 7.8

redhat

3 дня назад

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

CVE-2025-6020

CVSS3: 7.8

nvd

2 дня назад

CVE-2025-6020

CVSS3: 7.8

debian

2 дня назад

A flaw was found in linux-pam. The module pam_namespace may use access ...

EPSS

Процентиль: 4%

0.0002

Низкий

7.8 High

CVSS3

CVE-2025-6020

Описание

Пакет pam

Ссылки на источники

Связанные уязвимости