CVE-2025-8941

Published Aug 13, 2025

Last updated 4 months ago

CVSS high 7.8
linux-pam

Overview

Description
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
Source
secalert@redhat.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secalert@redhat.com
CWE-22

Social media

Hype score
Not currently trending

  1. CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM https://t.co/YhyQc6wAec #patchmanagement

    @eyalestrin

    23 Oct 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 A public PoC exploit for #Linux-PAM (CVE-2025-8941) lets local users gain root access via pam_namespace flaw. Admins: patch or disable it now! ⚙️🔒 Read More: https://t.co/Yc6TcQAH2F #LinuxSecurity #CVE20258941 #CyberSecurity

    @FindSecCyber

    22 Oct 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. انتشار آسیب پذیری برای ماژول PAM از نوع privilege escalation با کد شناسایی CVE-2025-8941 https://t.co/02kgKMnKcT https://t.co/Bk0PBPZpR7

    @EthicalSafe

    20 Oct 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ Two authentication layer vulnerabilities hitting enterprise Linux deployments simultaneously this week. First: Linux kernel Azure FIPS certified kernels (USN-7810-3) patched multiple vulns. Second: Linux-PAM symlink race (CVE-2025-8941) at CVSS 7.8. Both attack local privi

    @the_c_protocol

    20 Oct 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. csirt_it: ‼ #Linux: disponibile un #PoC per lo sfruttamento della CVE-2025-8941 che interessa il modulo pam_namespace del framework #LinuxPAM Rischio: 🟠 Tipologia: 🔸 Privilege Escalation 🔗 https://t.co/RTzwq44ac8 ⚠ Importante mantenere aggiorna… https://t.co/L

    @Vulcanux_

    20 Oct 2025

    67 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🔴 Linux-PAM vulnerability (CVE-2025-8941, CVSS 7.8) enables local users to exploit symlink races in pam_namespace for full root escalation. The pam_namespace module mishandles user-controlled paths, letting attackers plant symlinks that hijack directory creation during session

    @the_c_protocol

    20 Oct 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. PoC Released for Linux-PAM Root Privilege Escalation A PoC for CVE-2025-8941, a high-severity (7.8 CVSS) Linux PAM vulnerability, enables local attackers to escalate privileges to root via race conditions and symlink manipulation. Discovered in pam_namespace, this flaw affects h

    @Secwiserapp

    20 Oct 2025

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🐧💻 Uma falha crítica no Linux-PAM (CVE-2025-8941) permite que invasores locais escalem privilégios e assumam controle root do sistema! Com um PoC já publicado, servidores Linux estão sob risco especialmente em ambientes multiusuário. A vulnerabilidade explora uma cond

    @TechStartXYZ

    20 Oct 2025

    82 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Thread: "Linux-PAM PoC Drops: High-Sev RCE Vuln Now Weaponized—Patch or Perish?" 🚨🐧 1/5: "🚨 EXPLOIT RELEASE: PoC out for CVE-2025-8941 in Linux-PAM—high-sev RCE letting attackers hijack auth flows on Linux servers. Cybersecurity News' fresh drop warns of quick weapon

    @CybershieldHub

    20 Oct 2025

    116 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  10. Linuxの認証基盤PAMで深刻なローカル権限昇格脆弱性CVE-2025-8941が発見された。シンボリックリンクとレースコンディションの組合せで、低権限ユーザがrootを奪取し得る重大リスクである。共有サーバやデスクト

    @yousukezan

    19 Oct 2025

    1926 Impressions

    5 Retweets

    15 Likes

    3 Bookmarks

    1 Reply

    0 Quotes

  11. CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM - Cybersecurity Exploit Tracker by Ameeba https://t.co/VoEsv3VqoT

    @akaclandestine

    19 Oct 2025

    1183 Impressions

    1 Retweet

    10 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  12. ⚠️ PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation Read more: https://t.co/3XjdYjPpL1 A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability st

    @The_Cyber_News

    19 Oct 2025

    5131 Impressions

    38 Retweets

    109 Likes

    40 Bookmarks

    1 Reply

    0 Quotes

  13. CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM https://t.co/nSpuYi63f5 https://t.co/2KvTrSUvL6

    @secharvesterx

    19 Oct 2025

    86 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM https://t.co/cEFybIJCGt

    @_r_netsec

    19 Oct 2025

    2591 Impressions

    7 Retweets

    15 Likes

    12 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.