pam-1.3.1-38.el8_10

Release date:

Monday, September 1, 2025 - 17:12

Subject:

pam-1.3.1-38.el8_10

Affected Channels:

Asianux Server 8 for x86_64

Severity:

High

Description:

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Solution:

Update packages.

CVEs:

CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Additional Info:

N/A

Download:

SRPMS

pam-1.3.1-38.el8_10.src.rpm
MD5: 2b9d0718e8a1e4deaf8b6c06a25803e3
SHA-256: c4e0c9250de4ced8f112e51f96da56843f02ee0dcc0d9305c152cd1565c7d7e8
Size: 1.13 MB

Asianux Server 8 for x86_64

pam-1.3.1-38.el8_10.i686.rpm
MD5: 130e6476b9437ff4b06eb2604c9f7ec9
SHA-256: 458188a409e57e23a1274b99cd51cb83a6f777ebfdc92685c5e1be389ab0c4c2
Size: 769.85 kB
pam-1.3.1-38.el8_10.x86_64.rpm
MD5: 9097687b0f81a535b8a7e9202fd9c804
SHA-256: be497a56a640009f3d0ff43f4b2ed03185a4f43ea403124292e953ad0c5ea8d1
Size: 748.61 kB
pam-devel-1.3.1-38.el8_10.i686.rpm
MD5: 979d8c8b13c59a1a8802389360cb5ec7
SHA-256: c57f533f52a17c3368ad17398b58863822d8a7f22767b661ecdd491010718a67
Size: 211.36 kB
pam-devel-1.3.1-38.el8_10.x86_64.rpm
MD5: 892d9b3f05195857c33c1d4ea67f7a33
SHA-256: 3f4695d7283c89e245838c744401e11d7ffa9f8567c777641bd0c0ed16c25a41
Size: 211.34 kB

Main menu

You are here