7.8
CVE-2025-6020
- EPSS 0.04%
- Published 17.06.2025 12:44:08
- Last modified 22.01.2026 05:16:17
- Source secalert@redhat.com
A flaw was found in linux-pam. The module pam_namespace may access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
Linked by AI from unstructured data to existing NVD CPEs
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
| Collection URL | Package | Default Status | Version < | Version | Status |
|---|---|---|---|---|---|
| https://github.com/linux-pam/linux-pam | linux-pam | unaffected | 1.7.1 | 0 | affected |
| Vendor | Product | Default Status | Version < | Version | Status |
|---|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | affected | * | 0:1.6.1-8.el10 | unaffected |
| Red Hat | Red Hat Enterprise Linux 10.0 Extended Update Support | affected | * | 0:1.6.1-8.el10_0 | unaffected |
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | affected | * | 0:1.1.8-23.el7_9.1 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | affected | * | 0:1.3.1-37.el8_10 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | affected | * | 0:1.3.1-38.el8_10 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | affected | * | 0:1.3.1-8.el8_2.1 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | affected | * | 0:1.3.1-14.el8_4.1 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | affected | * | 0:1.3.1-16.el8_6.2 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | affected | * | 0:1.3.1-16.el8_6.2 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | affected | * | 0:1.3.1-16.el8_6.2 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | affected | * | 0:1.3.1-26.el8_8.1 | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | affected | * | 0:1.3.1-26.el8_8.1 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | * | 0:1.5.1-26.el9_6 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | * | 0:1.5.1-25.el9_6 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | * | 0:1.5.1-26.el9_6 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | * | 0:1.5.1-25.el9_6 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | affected | * | 0:1.5.1-9.el9_0.2 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | affected | * | 0:1.5.1-15.el9_2.1 | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | affected | * | 0:1.5.1-24.el9_4 | unaffected |
| Red Hat | Red Hat Web Terminal 1.11 on RHEL 9 | affected | * | 1.11-19 | unaffected |
| Red Hat | Red Hat Web Terminal 1.11 on RHEL 9 | affected | * | 1.11-8 | unaffected |
| Red Hat | Red Hat Web Terminal 1.12 on RHEL 9 | affected | * | 1.12-4 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-4.1752066672 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-4.1752065732 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-4.1752065732 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-3.1752065737 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-4.1752065731 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-25 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-4.1752065736 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-2.1752065733 | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | affected | * | 7.13.5-4.1752065755 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-11 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-11 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-11 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-10 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-10 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-4 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-9 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-12 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-18 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-11 | unaffected |
| Red Hat | RHOSS-1.36-RHEL-8 | affected | * | 1.36.0-7 | unaffected |
| Red Hat | cert-manager operator for Red Hat OpenShift 1.16 | affected | * | sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b | unaffected |
| Red Hat | Compliance Operator 1 | affected | * | sha256:06ad8599c4b0170264e40a45b0126504c87c37f0832265c7ff6541d2385b2049 | unaffected |
| Red Hat | Red Hat Discovery 2 | affected | * | sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de | unaffected |
| Red Hat | Red Hat Discovery 2 | affected | * | sha256:c85cfbcaf7888885e57596b7b8bde3894718cfc33326499b24961a66a62cf083 | unaffected |
| Red Hat | Red Hat Insights proxy 1.5 | affected | * | sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42 | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4 | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411 | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696 | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59 | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85 | unaffected |
| Red Hat | Red Hat OpenShift distributed tracing 3.6.0 | affected | * | sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3 | unaffected |
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 | affected | * | sha256:7b6bd3411ca5ec140968975d4f11f3ec0686b6fbca0ce05288e041ee2e569a89 | unaffected |
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 | affected | * | sha256:f5e1602d72177d77f1b879c76e6f6cfbc2979c136c06ca9f03ea97ffb369b7a6 | unaffected |
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 | affected | * | sha256:cead623ceda4048cabaa81c371ed2a8143f5c5514276fca1d71685bd9e6d1e65 | unaffected |
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 | affected | * | sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac | unaffected |

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.106 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.8 | 1.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.