Linux-PAM Privilege Escalation Vulnerability in pam_namespace Module

Vulnerability

A vulnerability exists in the Linux-PAM package, specifically in the pam_namespace module, which may improperly handle user-controlled paths. This flaw can lead to privilege escalation, allowing local users to gain root access by exploiting symlink attacks and race conditions. The issue is present in Linux-PAM versions through 1.7.0.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a local user to gain root access.

Added: Jun 17, 2025, 1:23 PM

Updated: Jun 17, 2025, 1:23 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

5.0

exploitability

2.9

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

5.0

exploitability

2.9

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux-PAM Privilege Escalation Vulnerability in pam_namespace Module

Vulnerability

Impact

Affected Products

linux-pam

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating