suse · CVE-2025-8941

Quick triage

Priority: high Published: 2025-08-13 23:32:33 UTC Updated: 2025-12-23 00:50:41 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2025-8941 severity important: SUSE including 14 source package names (pam, pam-1.1.8-23.el7_9.2, …), 181 product×package rows across 42 product lines (SLES-LTSS-TERADATA 15 SP2, SUSE Liberty Linux 7 LTSS, … (42 product lines)): Known Not Affected 174, Fixed 7.

Description:

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

cvelogic Threat Intelligence