7.8 CVE-2025-8941

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
https://nvd.nist.gov/vuln/detail/CVE-2025-8941

References

secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:14557
https://access.redhat.com/errata/RHSA-2025:15099
https://access.redhat.com/errata/RHSA-2025:15100
https://access.redhat.com/errata/RHSA-2025:15101
https://access.redhat.com/errata/RHSA-2025:15102
https://access.redhat.com/errata/RHSA-2025:15103
https://access.redhat.com/errata/RHSA-2025:15104
https://access.redhat.com/errata/RHSA-2025:15105
https://access.redhat.com/errata/RHSA-2025:15106
https://access.redhat.com/errata/RHSA-2025:15107
https://access.redhat.com/errata/RHSA-2025:15709
https://access.redhat.com/errata/RHSA-2025:15827
https://access.redhat.com/errata/RHSA-2025:15828
https://access.redhat.com/errata/RHSA-2025:16524
https://access.redhat.com/errata/RHSA-2025:18219
https://access.redhat.com/security/cve/CVE-2025-8941
https://bugzilla.redhat.com/show_bug.cgi?id=2388220

CPE

cpe	start	end

REMEDIATION

EXPLOITS

Exploit-db.com

id	description	date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id	description	severity
No entry

Cybersecurity needs ?

Strengthen software security from the outset with our DevSecOps expertise

Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.

Discover this offer

Soutenez No Hack Me sur Tipeee