pam-1.3.1-37.el8_10

Release date:

Friday, July 4, 2025 - 10:50

Subject:

pam-1.3.1-37.el8_10

Affected Channels:

Asianux Server 8 for x86_64

Severity:

High

Description:

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Solution:

Update packages.

CVEs:

CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Additional Info:

N/A

Download:

SRPMS

pam-1.3.1-37.el8_10.src.rpm
MD5: 42f9873d92631b06adab8010826bdc2e
SHA-256: ee24962a89272f95239bd167087804cad61bfb4482b4f1c18026d5f479397b28
Size: 1.12 MB

Asianux Server 8 for x86_64

pam-1.3.1-37.el8_10.i686.rpm
MD5: 21d5475cf8e44a5b1eb8dd8467ab5b57
SHA-256: 11d2582493dc369cd4b5babefd459ca48da3a93e54df144b448ef0f11f331ca5
Size: 767.84 kB
pam-1.3.1-37.el8_10.x86_64.rpm
MD5: e75cd2c0b5e15e8c1d13a070bbfef9af
SHA-256: 165aa0a8b71652e2326145be8f815876a3d363a2bb8afcbb256e2b867fe8977f
Size: 747.26 kB
pam-devel-1.3.1-37.el8_10.i686.rpm
MD5: ff6e5bac53c5bff7639bfc89627b724b
SHA-256: 0b4d1bd44bed5cf45b8e785898a739e193f8339caba23941d8bbe12beb52c2ed
Size: 211.36 kB
pam-devel-1.3.1-37.el8_10.x86_64.rpm
MD5: 91f28ec20383656aeb572e6b88981090
SHA-256: 1f992ad88f48c943163b3439f05f1f3b707d98e94e836fcec19de1c53c0454d6
Size: 211.36 kB

Main menu

You are here