CVE-2025-6020

Name
CVE-2025-6020
Description
A flaw was found in linux-pam. The module pam_namespace may access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
NVD Severity
unknown

References

Type URI
vdb-entry https://access.redhat.com/security/cve/CVE-2025-6020
issue-tracking https://bugzilla.redhat.com/show_bug.cgi?id=2372512
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/06/17/1
vendor-advisory https://access.redhat.com/errata/RHSA-2025:9526
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10024
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10027
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10180
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10354
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10357
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10358
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10359
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10361
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10362
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10735
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10823
vendor-advisory https://access.redhat.com/errata/RHSA-2025:11386
vendor-advisory https://access.redhat.com/errata/RHSA-2025:11487
vendor-advisory https://access.redhat.com/errata/RHSA-2025:14557
vendor-advisory https://access.redhat.com/errata/RHSA-2025:15099
vendor-advisory https://access.redhat.com/errata/RHSA-2025:15709
vendor-advisory https://access.redhat.com/errata/RHSA-2025:15828
vendor-advisory https://access.redhat.com/errata/RHSA-2025:15827
vendor-advisory https://access.redhat.com/errata/RHSA-2025:16524
vendor-advisory https://access.redhat.com/errata/RHSA-2025:18219
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html
vendor-advisory https://access.redhat.com/errata/RHSA-2025:17181
secalert@redhat.com https://access.redhat.com/errata/RHSA-2025:20181
secalert@redhat.com https://access.redhat.com/errata/RHSA-2025:21885
secalert@redhat.com https://access.redhat.com/errata/RHSA-2025:22019

Match rules

CPE URI Source package Min version Max version
shopxo >= 0 < 1.7.1
cpe:/o:redhat:rhel_els:7 shopxo >= 0:1.1.8-23.el7_9.1 < *
cpe:/o:redhat:enterprise_linux:8::baseos shopxo >= 0:1.3.1-37.el8_10 < *
cpe:/o:redhat:enterprise_linux:8::baseos shopxo >= 0:1.3.1-38.el8_10 < *
cpe:/o:redhat:rhel_aus:8.2::baseos shopxo >= 0:1.3.1-8.el8_2.1 < *
cpe:/o:redhat:rhel_aus:8.4::baseos shopxo >= 0:1.3.1-14.el8_4.1 < *
cpe:/o:redhat:rhel_tus:8.8::baseos shopxo >= 0:1.3.1-26.el8_8.1 < *
cpe:/a:redhat:enterprise_linux:9::appstream shopxo >= 0:1.5.1-26.el9_6 < *
cpe:/a:redhat:enterprise_linux:9::appstream shopxo >= 0:1.5.1-25.el9_6 < *
cpe:/o:redhat:rhel_e4s:9.0::baseos shopxo >= 0:1.5.1-9.el9_0.2 < *
cpe:/a:redhat:rhel_e4s:9.2::appstream shopxo >= 0:1.5.1-15.el9_2.1 < *
cpe:/a:redhat:webterminal:1.11::el9 shopxo >= 1.11-19 < *
cpe:/a:redhat:webterminal:1.11::el9 shopxo >= 1.11-8 < *
cpe:/a:redhat:webterminal:1.12::el9 shopxo >= 1.12-4 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-4.1752066672 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-4.1752065732 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-3.1752065737 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-4.1752065731 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-25 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-4.1752065736 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-2.1752065733 < *
cpe:/a:redhat:rhosemc:1.0::el8 shopxo >= 7.13.5-4.1752065755 < *
cpe:/o:redhat:rhel_tus:8.6::baseos shopxo >= 0:1.3.1-16.el8_6.2 < *
cpe:/a:redhat:rhel_eus:9.4::appstream shopxo >= 0:1.5.1-24.el9_4 < *

Vulnerable and fixed packages

Source package Branch Version Maintainer Status