Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.
Mon, 15 Sep 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:webterminal:1.12::el9 | |
References |
|
Mon, 15 Sep 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat webterminal
|
|
CPEs | cpe:/a:redhat:webterminal:1.11::el9 | |
Vendors & Products |
Redhat webterminal
|
|
References |
|
Thu, 11 Sep 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat confidential Compute Attestation
|
|
CPEs | cpe:/a:redhat:confidential_compute_attestation:1.10::el9 | |
Vendors & Products |
Redhat confidential Compute Attestation
|
|
References |
|
Wed, 03 Sep 2025 03:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
Redhat rhel Eus Redhat rhel Tus |
|
CPEs | cpe:/o:redhat:enterprise_linux:9 |
cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:enterprise_linux:9::baseos cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/o:redhat:rhel_e4s:9.2::baseos cpe:/o:redhat:rhel_els:7 cpe:/o:redhat:rhel_eus:9.4::baseos cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_tus:8.8::baseos |
Vendors & Products |
Redhat rhel Els
Redhat rhel Eus Redhat rhel Tus |
|
References |
|
Wed, 03 Sep 2025 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel Eus Long Life |
|
CPEs | cpe:/o:redhat:rhel_aus:8.2::baseos cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_eus_long_life:8.4::baseos |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel Eus Long Life |
|
References |
|
Wed, 03 Sep 2025 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel E4s
|
|
CPEs | cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos |
|
Vendors & Products |
Redhat rhel E4s
|
|
References |
|
Mon, 01 Sep 2025 09:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:8::baseos | |
References |
|
Thu, 14 Aug 2025 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Wed, 13 Aug 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 13 Aug 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. | |
Title | Linux-pam: incomplete fix for cve-2025-6020 | |
First Time appeared |
Redhat
Redhat enterprise Linux |
|
Weaknesses | CWE-22 | |
CPEs | cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-15T17:57:31.811Z
Reserved: 2025-08-13T12:24:47.522Z
Link: CVE-2025-8941

Updated: 2025-08-13T14:50:43.534Z

Status : Awaiting Analysis
Published: 2025-08-13T15:15:41.873
Modified: 2025-09-15T18:15:40.257
Link: CVE-2025-8941


No data.