AlmaLinux 9 : pam (ALSA-2025:9526)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9526 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note th...

The vulnerability of the Udisks component in the Linux-PAM authentication module allows a hacker to elevate their privileges to the level of root.

The vulnerability of the Udisks component in the Linux-PAM authentication module is related to configuration errors. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level using the SSH protocol...

RHEL 9 : pam (RHSA-2025:9526)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9526 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...

linux-pam: Linux-pam directory Traversal

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

ALSA-2025:9526 Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

The vulnerability of the pam_namespace module of the Linux-PAM authentication module allows a hacker to increase their privileges.

The vulnerability of the pamnamespace module in the Linux-PAM authentication module arises from a race condition caused by an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability can allow an attacker to increase their privileges...

SUSE CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

DEBIAN-CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

AZL-64113 CVE-2025-6020 affecting package pam for versions less than 1.5.1-8

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

CVE-2025-6020

Summary: CVE-2025-6020 applies to the linux-pam pam_namespace module, which may use user-controlled paths without proper protection, enabling local users to escalate privileges via multiple symlink attacks and race conditions. Multiple connected advisories confirm the issue and provide fixes for ...

CVE-2025-6020 Linux-pam: linux-pam directory traversal

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

CVE-2025-6020 Linux-pam: linux-pam directory traversal

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Mitigation Disable the pamnamespace module if it is not essential for...

UBUNTU-CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

Linux-pam 路径遍历漏洞

Linux-pam is a plug-and-play supported system authentication software for Linux from the Linux team. A security vulnerability exists in Linux-pam that stems from insufficient protection of the pamnamespace module when using user-controlled paths, which could lead to a local user being elevated to...

TencentOS Server 3: pam (TSSA-2024:0210)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0210 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...