CVEs-PoC/2025/CVE-2025-6020.md

CVE-2025-6020

Description

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

POC

Reference

• http://www.openwall.com/lists/oss-security/2025/06/17/1

Github

• https://github.com/11notes/docker-paperless-ngx
• https://github.com/Dariani223/DevOpsFinal
• https://github.com/fkie-cad/nvd-json-data-feeds
• https://github.com/ianmhambe/devsecops-blog-api
• https://github.com/runwhen-contrib/helm-charts
• https://github.com/w4zu/Debian_security