- Description
- A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
- Source
- secalert@redhat.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secalert@redhat.com
- CWE-22
- Hype score
- Not currently trending
昨日、使ってるDockerイメージにスコアHIGHの脆弱性があったから新しいイメージに変えたら、今見たらCVE-2025-6020(High)とかいう新しい脆弱性見つかって新しいイメージの方も脆弱判定されてて草 しかもpamの権限
@PoyotanP
18 Jun 2025
87 Impressions
0 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
In this weeks episode of container security is horrible pam_namespace gets a LPE to root via symlinks && race conditions CVE-2025-6020 Privileged Access Management is a lie - just don't let users on your system - in fact don't have users to begin with! Enforce it w/ unik
@nanovms
17 Jun 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes