CVE-2025-6020 : Linux-pam: linux-pam directory traversal

一、漏洞 CVE-2025-6020 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

Linux-pam: linux-pam directory traversal

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

来源: 美国国家漏洞数据库 NVD

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

对路径名的限制不恰当(路径遍历)

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Linux-pam 安全漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Linux-pam是Linux团队的一款用于Linux的支持插拔式的系统身份验证软件。 Linux-pam存在安全漏洞，该漏洞源于pam_namespace模块使用用户控制路径时保护不足，可能导致本地用户通过符号链接攻击和竞争条件提升至root权限。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
-	-	0 ~ 1.7.1	-
Red Hat	Red Hat Enterprise Linux 10	0:1.6.1-8.el10 ~ *	`cpe:/o:redhat:enterprise_linux:10.1`
Red Hat	Red Hat Enterprise Linux 10.0 Extended Update Support	0:1.6.1-8.el10_0 ~ *	`cpe:/o:redhat:enterprise_linux_eus:10.0`
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	0:1.1.8-23.el7_9.1 ~ *	`cpe:/o:redhat:rhel_els:7`
Red Hat	Red Hat Enterprise Linux 8	0:1.3.1-37.el8_10 ~ *	`cpe:/o:redhat:enterprise_linux:8::baseos`
Red Hat	Red Hat Enterprise Linux 8	0:1.3.1-38.el8_10 ~ *	`cpe:/o:redhat:enterprise_linux:8::baseos`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	0:1.3.1-8.el8_2.1 ~ *	`cpe:/o:redhat:rhel_aus:8.2::baseos`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	0:1.3.1-14.el8_4.1 ~ *	`cpe:/o:redhat:rhel_aus:8.4::baseos`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	0:1.3.1-16.el8_6.2 ~ *	`cpe:/o:redhat:rhel_e4s:8.6::baseos`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	0:1.3.1-16.el8_6.2 ~ *	`cpe:/o:redhat:rhel_e4s:8.6::baseos`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	0:1.3.1-16.el8_6.2 ~ *	`cpe:/o:redhat:rhel_e4s:8.6::baseos`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	0:1.3.1-26.el8_8.1 ~ *	`cpe:/o:redhat:rhel_e4s:8.8::baseos`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	0:1.3.1-26.el8_8.1 ~ *	`cpe:/o:redhat:rhel_e4s:8.8::baseos`
Red Hat	Red Hat Enterprise Linux 9	0:1.5.1-26.el9_6 ~ *	`cpe:/o:redhat:enterprise_linux:9::baseos`
Red Hat	Red Hat Enterprise Linux 9	0:1.5.1-25.el9_6 ~ *	`cpe:/o:redhat:enterprise_linux:9::baseos`
Red Hat	Red Hat Enterprise Linux 9	0:1.5.1-26.el9_6 ~ *	`cpe:/o:redhat:enterprise_linux:9::baseos`
Red Hat	Red Hat Enterprise Linux 9	0:1.5.1-25.el9_6 ~ *	`cpe:/o:redhat:enterprise_linux:9::baseos`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	0:1.5.1-9.el9_0.2 ~ *	`cpe:/o:redhat:rhel_e4s:9.0::baseos`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	0:1.5.1-15.el9_2.1 ~ *	`cpe:/o:redhat:rhel_e4s:9.2::baseos`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	0:1.5.1-24.el9_4 ~ *	`cpe:/a:redhat:rhel_eus:9.4::appstream`
Red Hat	Red Hat Web Terminal 1.11 on RHEL 9	1.11-19 ~ *	`cpe:/a:redhat:webterminal:1.11::el9`
Red Hat	Red Hat Web Terminal 1.11 on RHEL 9	1.11-8 ~ *	`cpe:/a:redhat:webterminal:1.11::el9`
Red Hat	Red Hat Web Terminal 1.12 on RHEL 9	1.12-4 ~ *	`cpe:/a:redhat:webterminal:1.12::el9`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-4.1752066672 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-4.1752065732 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-4.1752065732 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-3.1752065737 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-4.1752065731 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-25 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-4.1752065736 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-2.1752065733 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHEL-8 based Middleware Containers	7.13.5-4.1752065755 ~ *	`cpe:/a:redhat:rhosemc:1.0::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-11 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-11 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-11 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-10 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-10 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-4 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-9 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-18 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-11 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	RHOSS-1.36-RHEL-8	1.36.0-7 ~ *	`cpe:/a:redhat:openshift_serverless:1.36::el8`
Red Hat	cert-manager operator for Red Hat OpenShift 1.16	sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b ~ *	`cpe:/a:redhat:cert_manager:1.16::el9`
Red Hat	Compliance Operator 1	sha256:06ad8599c4b0170264e40a45b0126504c87c37f0832265c7ff6541d2385b2049 ~ *	`cpe:/a:redhat:openshift_compliance_operator:1::el9`
Red Hat	Red Hat Discovery 2	sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de ~ *	`cpe:/a:redhat:discovery:2::el9`
Red Hat	Red Hat Discovery 2	sha256:1c67d8d526ab4f2854947f7dccd8752a2efd414c0f1cbab17706fa91147e7cda ~ *	`cpe:/a:redhat:discovery:2::el9`
Red Hat	Red Hat Insights proxy 1.5	sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea ~ *	`cpe:/a:redhat:insights_proxy:1.5::el9`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift distributed tracing 3.6.0	sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0 ~ *	`cpe:/a:redhat:openshift_distributed_tracing:3.6::el8`
Red Hat	Red Hat OpenShift sandboxed containers 1.1	sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b ~ *	`cpe:/a:redhat:confidential_compute_attestation:1.10::el9`
Red Hat	Red Hat OpenShift sandboxed containers 1.1	sha256:9ff002e628e5646b5ab3cc9201087847bea29569b4a1bc135b89d5c1a5f0a422 ~ *	`cpe:/a:redhat:confidential_compute_attestation:1.10::el9`
Red Hat	Red Hat OpenShift sandboxed containers 1.1	sha256:8f29671308ca658e32e97d5c3b482f7541aae1bca1b71f39b3276a9a334d8108 ~ *	`cpe:/a:redhat:confidential_compute_attestation:1.10::el9`
Red Hat	Red Hat OpenShift sandboxed containers 1.1	sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac ~ *	`cpe:/a:redhat:confidential_compute_attestation:1.10::el9`

二、漏洞 CVE-2025-6020 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-6020 的情报信息

Please 登录 to view more intelligence information

https://access.redhat.com/security/cve/CVE-2025-6020vdb-entryx_refsource_REDHAT
https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx
https://bugzilla.redhat.com/show_bug.cgi?id=2372512issue-trackingx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9526vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0934vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10180vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:18219vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10358vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17181vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:15828vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:20181vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:21885vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11386vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10354vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10361vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10735vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:16524vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10362vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:15099vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:15827vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10823vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:14557vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:15709vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10359vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10024vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10357vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10027vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22019vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2025-6020

四、漏洞 CVE-2025-6020 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2025-6020 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2025-6020 的公开POC

三、漏洞 CVE-2025-6020 的情报信息

四、漏洞 CVE-2025-6020 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2025-6020 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2025-6020 的公开POC

三、漏洞 CVE-2025-6020 的情报信息

四、漏洞 CVE-2025-6020 的评论

发表评论

一、漏洞 CVE-2025-6020 基础信息