CNNVD-202508-1387 Information

CNNVD ID

CNNVD-202508-1387

Related CVE

CVE-2025-8941

• CNNVD Published: 2025-08-13

Description (Chinese)

Linux-pam是美国Linux基金会的一款用于Linux的支持插拔式的系统身份验证软件。 Linux-pam存在路径遍历漏洞，该漏洞源于pam_namespace模块处理用户控制路径不当，可能导致权限提升。

Description (English)

Linux-pam is a system authentication software for Linux support plug-in from the Linux Foundation in the United States. Linux-pam has a loophole in its path, which stems from the inappropriate user control path of the Pam namespace module, which may lead to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

Linux

Published

2025-08-13

Last Modified

2026-02-24

References

https://bugzilla.redhat.com/show_bug.cgi?id=2388220 https://access.redhat.com/security/cve/CVE-2025-8941 https://access.redhat.com/errata/RHSA-2025:14557 https://vigilance.fr/vulnerability/linux-pam-privilege-escalation-via-pam-namespace-48110 https://nvd.nist.gov/vuln/detail/CVE-2025-8941