CVE-2025-6020

EUVD-2025-19056
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
redhatCNA
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Debian logo
Debian Releases
Debian Product
Codename
pam
bookworm
1.5.2-6+deb12u2
fixed
bullseye
vulnerable
bullseye (security)
1.4.0-9+deb11u2
fixed
forky
1.7.0-5
fixed
sid
1.7.0-5
fixed
trixie
1.7.0-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pam
bionic
needs-triage
focal
needs-triage
jammy
Fixed 1.4.0-11ubuntu2.6
released
noble
Fixed 1.5.3-5ubuntu5.4
released
oracular
Fixed 1.5.3-7ubuntu2.3
released
plucky
Fixed 1.5.3-7ubuntu4.3
released
questing
Fixed 1.5.3-7ubuntu6
released
trusty
needs-triage
xenial
needs-triage
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2025:10024
https://access.redhat.com/errata/RHSA-2025:10027
https://access.redhat.com/errata/RHSA-2025:10180
https://access.redhat.com/errata/RHSA-2025:10354
https://access.redhat.com/errata/RHSA-2025:10357
https://access.redhat.com/errata/RHSA-2025:10358
https://access.redhat.com/errata/RHSA-2025:10359
https://access.redhat.com/errata/RHSA-2025:10361
https://access.redhat.com/errata/RHSA-2025:10362
https://access.redhat.com/errata/RHSA-2025:10735
https://access.redhat.com/errata/RHSA-2025:10823
https://access.redhat.com/errata/RHSA-2025:11386
https://access.redhat.com/errata/RHSA-2025:11487
https://access.redhat.com/errata/RHSA-2025:14557
https://access.redhat.com/errata/RHSA-2025:15099
https://access.redhat.com/errata/RHSA-2025:15709
https://access.redhat.com/errata/RHSA-2025:15827
https://access.redhat.com/errata/RHSA-2025:15828
https://access.redhat.com/errata/RHSA-2025:16524
https://access.redhat.com/errata/RHSA-2025:17181
https://access.redhat.com/errata/RHSA-2025:18219
https://access.redhat.com/errata/RHSA-2025:20181
https://access.redhat.com/errata/RHSA-2025:21885
https://access.redhat.com/errata/RHSA-2025:22019
https://access.redhat.com/errata/RHSA-2025:9526
https://access.redhat.com/errata/RHSA-2026:0934
https://access.redhat.com/security/cve/CVE-2025-6020
https://bugzilla.redhat.com/show_bug.cgi?id=2372512
http://www.openwall.com/lists/oss-security/2025/06/17/1
https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html