MiracleLinux 9 : pam-1.5.1-25.el9_6 (AXSA:2025-10566:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10566:04 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

Security Bulletin: Vulnerability in linux-pam affects IBM Netezza Appliance

Summary The linux-pam package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-8941 Vulnerability Details CVEID:CVE-2025-8941 DESCRIPTION: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing...

pam security update

An update is available for pam. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Pluggable Authentication Modules PAM provide a system to set up authentication...

RockyLinux 9 : pam (RLSA-2025:9526)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9526 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...

EUVD-2009-0884

Malware in sbrugna...

EUVD-2009-0583

Malware in sbrugna...

EUVD-2010-3429

Malware in sbrugna...

EUVD-2015-3294

Malware in sbrugna...

EUVD-2020-23925

Malware in sbrugna...

Important: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havin...

OESA-2025-1743 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-pam is a plug-in and unplugged system authentication software for Linux teams. There is a security vulnerability in Linux-pam. This...

Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

ALSA-2025:10027 Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

CVE-2025-6020

Summary: CVE-2025-6020 applies to the linux-pam pam_namespace module, which may use user-controlled paths without proper protection, enabling local users to escalate privileges via multiple symlink attacks and race conditions. Multiple connected advisories confirm the issue and provide fixes for ...

CVE-2025-6020

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Mitigation Disable the pamnamespace module if it is not essential for...

PT-2025-25653

Name of the Vulnerable Software and Affected Versions linux-pam affected versions not specified Description A flaw in the pam namespace module of linux-pam allows local users to elevate their privileges to root via multiple symlink attacks and race conditions. This occurs when a user can launch a...

Denial Of Service (DoS)

linux-pam is vulnerable to a denial of service. The vulnerability is due to attackers being able to cause a blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Low: pam

Issue Overview: A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with pamnamespace configured will cause the openat in...

UBUNTU-CVE-2024-22365

linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

PT-2022-4982 · Linux Pam +2 · Linux-Pam +2

Name of the Vulnerable Software and Affected Versions: Linux-PAM versions prior to 1.5.2-6.1 Description: The issue is related to the pam access.so module of the Linux-PAM package, which does not correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS...