pam-1.5.1-26.el9_6

エラータID: AXSA:2025-10831:06

リリース日: 
2025/09/04 Thursday - 14:46
題名: 
pam-1.5.1-26.el9_6
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
* linux-pam: Incomplete fix for CVE-2025-6020 (CVE-2025-8941)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
CVE-2025-8941
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

解決策: 

Update packages.

CVE: 
CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
CVE-2025-8941
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. pam-1.5.1-26.el9_6.src.rpm
    MD5: f9c4da8733c01d85249a1bd4accb6f35
    SHA-256: 0d47eb1e7e3d670865c35380c7b04844f5d6ce4cfd941c2d629cc47d0f09c852
    Size: 1.08 MB

Asianux Server 9 for x86_64
  1. pam-1.5.1-26.el9_6.i686.rpm
    MD5: c29f155e5d369be36d8b17e07d52192a
    SHA-256: c595335b08ab99807c1f9e3935152ef9223c8aac7be9c8cece0f726256958442
    Size: 626.89 kB
  2. pam-1.5.1-26.el9_6.x86_64.rpm
    MD5: 0ee4701c919d779ffee65bc6f5093a9f
    SHA-256: 9562c4c336657ceba76f5e88c9f90cdfe41080a61fad6c2e2ef88e2a3ec626b8
    Size: 604.60 kB
  3. pam-devel-1.5.1-26.el9_6.i686.rpm
    MD5: 4e2f5e4444d62605a26e6bd0216bc8aa
    SHA-256: 1e208e03ab4f8b9772eb7a18b96b8990fd25eb250f65dfdada1ae9441547ff98
    Size: 163.49 kB
  4. pam-devel-1.5.1-26.el9_6.x86_64.rpm
    MD5: ccf33fc9608d94b1d125cef845bc5a92
    SHA-256: 9a53eda42763e2f529e0a7e089492d73ae61e17a4c7c381bd16fcaf0b1d99a1c
    Size: 163.48 kB
  5. pam-docs-1.5.1-26.el9_6.x86_64.rpm
    MD5: 91c5f6f94a5d1609ae2b9d42b1ca4eb2
    SHA-256: f30a9d33423ff9890b6dda5a8bc2dcd9f8da7afbf6ee875f2deb20048322da49
    Size: 128.69 kB