CVE-2025-6020 — Path Traversal in Azl3 PAM 1.5.3-5 ON Azure Linux 3.0

CWE-22 — Path Traversal11 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 78.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PAM Debian PAM Msrc Azl3 PAM 1.5.3-5 ON Azure Linux 3.0 +2 more

Timeline

PublishedJun 17

Latest updateAug 13

Description

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

▶msrcmsrc/azl3_pam_1.5.3-5_on_azure_linux_3.0

▶debiandebian/pam< pam 1.5.2-6+deb12u2 (bookworm)+1

▶Debianpam/pam< 1.4.0-9+deb11u2+3

▶msrcmsrc/cbl2_pam_1.5.1-7_on_cbl_mariner_2.0

▶msrcmsrc/cbl2_pam_1.5.1-8_on_cbl_mariner_2.0

🔴Vulnerability Details

GHSA

GHSA-hqqx-rjqh-53c2: A flaw was found in linux-pam↗2025-08-13

▶

OSV

CVE-2025-8941: A flaw was found in linux-pam↗2025-08-13

▶

OSV

CVE-2025-6020: A flaw was found in linux-pam↗2025-06-17

▶

📋Vendor Advisories

Red Hat

linux-pam: Incomplete fix for CVE-2025-6020↗2025-08-13

▶

Ubuntu

PAM vulnerability↗2025-06-18

▶

Red Hat

linux-pam: Linux-pam directory Traversal↗2025-06-17

▶

Microsoft

Linux-pam: linux-pam directory traversal↗2025-06-10

▶

Debian

CVE-2025-8941: pam - A flaw was found in linux-pam. The pam_namespace module may improperly handle us...↗2025

▶