pam-1.1.8-23.0.1.0.2.el7.AXS7

エラータID: AXSA:2025-10893:07

Release date: 
Thursday, September 25, 2025 - 13:46
Subject: 
pam-1.1.8-23.0.1.0.2.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without
having to recompile programs that handle authentication.

Security Fix(es):

* CVE-2025-6020: fix potential privilege escalation in pam_namspace

CVE(s):
CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Solution: 

Update packages.

CVEs: 
CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
Additional Info: 

N/A

Download: 

Asianux Server 7 for x86_64
  1. pam-1.1.8-23.0.1.0.2.el7.AXS7.i686.rpm
    MD5: be031aac7d24659972090fbd7e7f815c
    SHA-256: 52313164c819ccbc7159851a5f4be2c01b8d3f69d46170d039263208a4ba7e9b
    Size: 721.00 kB
  2. pam-1.1.8-23.0.1.0.2.el7.AXS7.x86_64.rpm
    MD5: bcb10fef625b2b7873a3c23593ce3eef
    SHA-256: d0e2db55d34bc3b77282d1aad4c3a58a208d47c2cbfe378acac6e76054a079bb
    Size: 721.97 kB
  3. pam-devel-1.1.8-23.0.1.0.2.el7.AXS7.i686.rpm
    MD5: 0b8834443ec09ccd00264d217338572e
    SHA-256: b96697095f8b58f652dd16449cf6e4eaf872e864385fbc9046117a1ee9ab2f28
    Size: 184.61 kB
  4. pam-devel-1.1.8-23.0.1.0.2.el7.AXS7.x86_64.rpm
    MD5: 5fabe965c72a07f6a1dbea7e73156372
    SHA-256: 85dc465ef9e995778ca206980afd0118de48c4d6c05bc2a93095b007d0ff97f0
    Size: 184.59 kB