Количество 19
Количество 19

CVE-2025-6018
A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVE-2025-6018
A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVE-2025-6018
A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.
CVE-2025-6018
A Local Privilege Escalation (LPE) vulnerability has been discovered i ...

SUSE-SU-2025:02082-1
Security update for pam-config

SUSE-SU-2025:02081-1
Security update for pam-config

SUSE-SU-2025:02080-1
Security update for pam-config

SUSE-SU-2025:02032-1
Security update for pam_pkcs11

SUSE-SU-2025:02031-1
Security update for pam_pkcs11

SUSE-SU-2025:02026-1
Security update for pam_pkcs11

SUSE-SU-2025:02015-1
Security update for gdm

SUSE-SU-2025:02005-1
Security update for gdm

SUSE-SU-2025:02004-1
Security update for gdm

SUSE-SU-2025:02003-1
Security update for gdm

SUSE-SU-2025:02002-1
Security update for gdm

SUSE-SU-2025:02001-1
Security update for pam
GHSA-cg9q-xmf9-7r6w
A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

BDU:2025-07575
Уязвимость компонента Udisks модуля аутентификации Linux-PAM, позволяющая нарушителю повысить свои привилегии до уровня root

SUSE-SU-2025:02013-1
Security update for pam
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
---|---|---|---|---|
![]() | CVE-2025-6018 A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations. | CVSS3: 7.8 | 0% Низкий | 15 дней назад |
![]() | CVE-2025-6018 A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations. | CVSS3: 7.8 | 0% Низкий | около 2 месяцев назад |
![]() | CVE-2025-6018 A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations. | CVSS3: 7.8 | 0% Низкий | 15 дней назад |
CVE-2025-6018 A Local Privilege Escalation (LPE) vulnerability has been discovered i ... | CVSS3: 7.8 | 0% Низкий | 15 дней назад | |
![]() | SUSE-SU-2025:02082-1 Security update for pam-config | 0% Низкий | около 1 месяца назад | |
![]() | SUSE-SU-2025:02081-1 Security update for pam-config | 0% Низкий | около 1 месяца назад | |
![]() | SUSE-SU-2025:02080-1 Security update for pam-config | 0% Низкий | около 1 месяца назад | |
![]() | SUSE-SU-2025:02032-1 Security update for pam_pkcs11 | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02031-1 Security update for pam_pkcs11 | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02026-1 Security update for pam_pkcs11 | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02015-1 Security update for gdm | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02005-1 Security update for gdm | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02004-1 Security update for gdm | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02003-1 Security update for gdm | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02002-1 Security update for gdm | 0% Низкий | около 2 месяцев назад | |
![]() | SUSE-SU-2025:02001-1 Security update for pam | 0% Низкий | около 2 месяцев назад | |
GHSA-cg9q-xmf9-7r6w A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations. | CVSS3: 7.8 | 0% Низкий | 15 дней назад | |
![]() | BDU:2025-07575 Уязвимость компонента Udisks модуля аутентификации Linux-PAM, позволяющая нарушителю повысить свои привилегии до уровня root | CVSS3: 8.4 | 0% Низкий | около 2 месяцев назад |
![]() | SUSE-SU-2025:02013-1 Security update for pam | около 2 месяцев назад |
Уязвимостей на страницу