CVE-2025-6020

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-6020

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-6020.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-6020

Aliases

Downstream

DEBIAN-CVE-2025-6020

DLA-4306-1

ECHO-5cf6-3556-3b34

OESA-2025-1743

OESA-2025-1744

OESA-2025-1745

OESA-2025-1746

OESA-2025-1830

OESA-2025-1831

RHSA-2025:10024

RHSA-2025:10027

RHSA-2025:10180

RHSA-2025:10354

RHSA-2025:10357

RHSA-2025:10358

RHSA-2025:10359

RHSA-2025:10361

RHSA-2025:10362

RHSA-2025:14557

RHSA-2025:15099

RHSA-2025:20181

RHSA-2025:22019

RHSA-2025:9526

RLSA-2025:10027

RLSA-2025:14557

RLSA-2025:15099

RLSA-2025:20181

RLSA-2025:9526

SUSE-SU-2025:02013-1

UBUNTU-CVE-2025-6020

USN-7580-1

Related

Published

2025-06-17T13:15:21Z

Modified

2026-01-14T18:57:13.038223Z

Summary

[none]

Details

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

References

Affected packages