CVE-2025-6020

EPSS 0.03%
Veröffentlicht 17.06.2025 12:44:08
Zuletzt bearbeitet 23.09.2025 20:15:33
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 26

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Collection URLhttps://github.com/linux-pam/linux-pam

≫

Paket linux-pam

Default Statusunaffected

Version < 1.7.1

Version 0

Status affected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 7 Extended Lifecycle Support

Default Statusaffected

Version < *

Version 0:1.1.8-23.el7_9.1

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8

Default Statusaffected

Version < *

Version 0:1.3.1-37.el8_10

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8

Default Statusaffected

Version < *

Version 0:1.3.1-38.el8_10

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.2 Advanced Update Support

Default Statusaffected

Version < *

Version 0:1.3.1-8.el8_2.1

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support

Default Statusaffected

Version < *

Version 0:1.3.1-14.el8_4.1

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support

Default Statusaffected

Version < *

Version 0:1.3.1-16.el8_6.2

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Default Statusaffected

Version < *

Version 0:1.3.1-16.el8_6.2

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

Default Statusaffected

Version < *

Version 0:1.3.1-16.el8_6.2

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Default Statusaffected

Version < *

Version 0:1.3.1-26.el8_8.1

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

Default Statusaffected

Version < *

Version 0:1.3.1-26.el8_8.1

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9

Default Statusaffected

Version < *

Version 0:1.5.1-26.el9_6

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9

Default Statusaffected

Version < *

Version 0:1.5.1-25.el9_6

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9

Default Statusaffected

Version < *

Version 0:1.5.1-26.el9_6

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9

Default Statusaffected

Version < *

Version 0:1.5.1-25.el9_6

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Default Statusaffected

Version < *

Version 0:1.5.1-9.el9_0.2

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Default Statusaffected

Version < *

Version 0:1.5.1-15.el9_2.1

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9.4 Extended Update Support

Default Statusaffected

Version < *

Version 0:1.5.1-24.el9_4

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Web Terminal 1.11 on RHEL 9

Default Statusaffected

Version < *

Version 1.11-19

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Web Terminal 1.11 on RHEL 9

Default Statusaffected

Version < *

Version 1.11-8

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Web Terminal 1.12 on RHEL 9

Default Statusaffected

Version < *

Version 1.12-4

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-4.1752066672

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-4.1752065732

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-4.1752065732

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-3.1752065737

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-4.1752065731

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-25

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-4.1752065736

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-2.1752065733

Status unaffected

HerstellerRed Hat

≫

Produkt RHEL-8 based Middleware Containers

Default Statusaffected

Version < *

Version 7.13.5-4.1752065755

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Discovery 2

Default Statusaffected

Version < *

Version sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat Discovery 2

Default Statusaffected

Version < *

Version sha256:1c67d8d526ab4f2854947f7dccd8752a2efd414c0f1cbab17706fa91147e7cda

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift distributed tracing 3.6.1

Default Statusaffected

Version < *

Version sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift sandboxed containers 1.1

Default Statusaffected

Version < *

Version sha256:7b6bd3411ca5ec140968975d4f11f3ec0686b6fbca0ce05288e041ee2e569a89

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift sandboxed containers 1.1

Default Statusaffected

Version < *

Version sha256:f5e1602d72177d77f1b879c76e6f6cfbc2979c136c06ca9f03ea97ffb369b7a6

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift sandboxed containers 1.1

Default Statusaffected

Version < *

Version sha256:cead623ceda4048cabaa81c371ed2a8143f5c5514276fca1d71685bd9e6d1e65

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift sandboxed containers 1.1

Default Statusaffected

Version < *

Version sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat In-Vehicle Operating System 1

Default Statusaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.077

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://access.redhat.com/security/cve/CVE-2025-6020

https://bugzilla.redhat.com/show_bug.cgi?id=2372512

http://www.openwall.com/lists/oss-security/2025/06/17/1

https://access.redhat.com/errata/RHSA-2025:9526

https://access.redhat.com/errata/RHSA-2025:10024

https://access.redhat.com/errata/RHSA-2025:10027

https://access.redhat.com/errata/RHSA-2025:10180

https://access.redhat.com/errata/RHSA-2025:10354

https://access.redhat.com/errata/RHSA-2025:10357

https://access.redhat.com/errata/RHSA-2025:10358

https://access.redhat.com/errata/RHSA-2025:10359

https://access.redhat.com/errata/RHSA-2025:10361