Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-6020 (GCVE-0-2025-6020)
Vulnerability from cvelistv5
Published
2025-06-17 12:44
Modified
2025-07-30 15:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T13:30:00.379966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T14:11:13.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-06-17T16:03:33.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/17/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/linux-pam/linux-pam",
"defaultStatus": "unaffected",
"packageName": "linux-pam",
"versions": [
{
"lessThan": "1.7.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.8-23.el7_9.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-37.el8_10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.2::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-8.el8_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.4::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-14.el8_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-16.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-16.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-16.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos",
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-26.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos",
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.1-26.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-25.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-25.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream",
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-9.el9_0.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.2::baseos",
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-15.el9_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos",
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "pam",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-24.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-businesscentral-monitoring-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-4.1752066672",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-businesscentral-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-4.1752065732",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-controller-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-4.1752065732",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-dashbuilder-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-3.1752065737",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-kieserver-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-4.1752065731",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-operator-bundle",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-25",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-process-migration-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-4.1752065736",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-rhel8-operator",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-2.1752065733",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "rhpam-7/rhpam-smartrouter-rhel8",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.13.5-4.1752065755",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/tempo-gateway-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/tempo-query-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/tempo-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/rhosdt/tempo-rhel8-operator",
"product": "Red Hat OpenShift distributed tracing 3.6.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Olivier BAL-PETRE (ANSSI - French Cybersecurity Agency) for reporting this issue."
}
],
"datePublic": "2025-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T15:21:58.095Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:10024",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10024"
},
{
"name": "RHSA-2025:10027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10027"
},
{
"name": "RHSA-2025:10180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10180"
},
{
"name": "RHSA-2025:10354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10354"
},
{
"name": "RHSA-2025:10357",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10357"
},
{
"name": "RHSA-2025:10358",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10358"
},
{
"name": "RHSA-2025:10359",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10359"
},
{
"name": "RHSA-2025:10361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10361"
},
{
"name": "RHSA-2025:10362",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10362"
},
{
"name": "RHSA-2025:10735",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"name": "RHSA-2025:10823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"name": "RHSA-2025:11386",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"name": "RHSA-2025:11487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"name": "RHSA-2025:9526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:9526"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"name": "RHBZ#2372512",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-12T16:33:01.214000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-06-17T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Linux-pam: linux-pam directory traversal",
"workarounds": [
{
"lang": "en",
"value": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`."
}
],
"x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-6020",
"datePublished": "2025-06-17T12:44:08.646Z",
"dateReserved": "2025-06-11T22:38:25.643Z",
"dateUpdated": "2025-07-30T15:21:58.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-6020\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-06-17T13:15:21.660\",\"lastModified\":\"2025-07-21T20:15:42.027\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en linux-pam. El m\u00f3dulo pam_namespace puede acceder a rutas controladas por el usuario sin la protecci\u00f3n adecuada, lo que permite a los usuarios locales elevar sus privilegios a root mediante m\u00faltiples ataques de enlace simb\u00f3lico y condiciones de ejecuci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10024\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10027\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10180\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10354\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10357\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10358\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10359\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10361\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10362\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10735\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10823\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:11386\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:11487\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:9526\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-6020\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2372512\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/06/17/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/06/17/1\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-06-17T16:03:33.413Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-6020\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-17T13:30:00.379966Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-17T13:30:18.921Z\"}}], \"cna\": {\"title\": \"Linux-pam: linux-pam directory traversal\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Olivier BAL-PETRE (ANSSI - French Cybersecurity Agency) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.7.1\", \"versionType\": \"semver\"}], \"packageName\": \"linux-pam\", \"collectionURL\": \"https://github.com/linux-pam/linux-pam\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7 Extended Lifecycle Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.1.8-23.el7_9.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-37.el8_10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Advanced Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-8.el8_2.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-14.el8_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-16.el8_6.2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-16.el8_6.2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-16.el8_6.2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\", \"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-26.el8_8.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\", \"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.1-26.el8_8.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-25.el9_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-25.el9_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\", \"cpe:/o:redhat:rhel_e4s:9.0::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-9.el9_0.2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.2::baseos\", \"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-15.el9_2.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.4::baseos\", \"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-24.el9_4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"pam\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-4.1752066672\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-businesscentral-monitoring-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-4.1752065732\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-businesscentral-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-4.1752065732\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-controller-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-3.1752065737\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-dashbuilder-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-4.1752065731\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-kieserver-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-25\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-4.1752065736\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-process-migration-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-2.1752065733\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhosemc:1.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHEL-8 based Middleware Containers\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"7.13.5-4.1752065755\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhpam-7/rhpam-smartrouter-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/discovery/discovery-server-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/tempo-gateway-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/tempo-query-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/tempo-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.6.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhosdt/tempo-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-06-12T16:33:01.214000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-06-17T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-06-17T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:10024\", \"name\": \"RHSA-2025:10024\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10027\", \"name\": \"RHSA-2025:10027\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10180\", \"name\": \"RHSA-2025:10180\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10354\", \"name\": \"RHSA-2025:10354\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10357\", \"name\": \"RHSA-2025:10357\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10358\", \"name\": \"RHSA-2025:10358\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10359\", \"name\": \"RHSA-2025:10359\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10361\", \"name\": \"RHSA-2025:10361\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10362\", \"name\": \"RHSA-2025:10362\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10735\", \"name\": \"RHSA-2025:10735\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10823\", \"name\": \"RHSA-2025:10823\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:11386\", \"name\": \"RHSA-2025:11386\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:11487\", \"name\": \"RHSA-2025:11487\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:9526\", \"name\": \"RHSA-2025:9526\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-6020\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2372512\", \"name\": \"RHBZ#2372512\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-07-30T15:21:58.095Z\"}, \"x_redhatCweChain\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-6020\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-30T15:21:58.095Z\", \"dateReserved\": \"2025-06-11T22:38:25.643Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-06-17T12:44:08.646Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
rhsa-2025:10180
Vulnerability from csaf_redhat
Published
2025-07-02 05:27
Modified
2025-07-30 15:36
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10180",
"url": "https://access.redhat.com/errata/RHSA-2025:10180"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10180.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:36:01+00:00",
"generator": {
"date": "2025-07-30T15:36:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10180",
"initial_release_date": "2025-07-02T05:27:20+00:00",
"revision_history": [
{
"date": "2025-07-02T05:27:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-02T05:27:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:36:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-15.el9_2.1.src",
"product": {
"name": "pam-0:1.5.1-15.el9_2.1.src",
"product_id": "pam-0:1.5.1-15.el9_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-15.el9_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-15.el9_2.1.aarch64",
"product": {
"name": "pam-0:1.5.1-15.el9_2.1.aarch64",
"product_id": "pam-0:1.5.1-15.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-15.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"product": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"product_id": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-15.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"product": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"product_id": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-15.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"product": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"product_id": "pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-15.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"product": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"product_id": "pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-15.el9_2.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-15.el9_2.1.ppc64le",
"product": {
"name": "pam-0:1.5.1-15.el9_2.1.ppc64le",
"product_id": "pam-0:1.5.1-15.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-15.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"product": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"product_id": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-15.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"product_id": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-15.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"product": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"product_id": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-15.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"product": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"product_id": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-15.el9_2.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-15.el9_2.1.i686",
"product": {
"name": "pam-0:1.5.1-15.el9_2.1.i686",
"product_id": "pam-0:1.5.1-15.el9_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-15.el9_2.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"product": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"product_id": "pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-15.el9_2.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"product": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"product_id": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-15.el9_2.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-15.el9_2.1.i686",
"product": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.i686",
"product_id": "pam-devel-0:1.5.1-15.el9_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-15.el9_2.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-15.el9_2.1.x86_64",
"product": {
"name": "pam-0:1.5.1-15.el9_2.1.x86_64",
"product_id": "pam-0:1.5.1-15.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-15.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"product": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"product_id": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-15.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"product": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"product_id": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-15.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"product": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"product_id": "pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-15.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"product": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"product_id": "pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-15.el9_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-15.el9_2.1.s390x",
"product": {
"name": "pam-0:1.5.1-15.el9_2.1.s390x",
"product_id": "pam-0:1.5.1-15.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-15.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"product": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"product_id": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-15.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"product": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"product_id": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-15.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-15.el9_2.1.s390x",
"product": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.s390x",
"product_id": "pam-devel-0:1.5.1-15.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-15.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-15.el9_2.1.s390x",
"product": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.s390x",
"product_id": "pam-docs-0:1.5.1-15.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-15.el9_2.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-15.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-02T05:27:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10180"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:pam-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debuginfo-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-debugsource-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.i686",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-devel-0:1.5.1-15.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:pam-docs-0:1.5.1-15.el9_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10735
Vulnerability from csaf_redhat
Published
2025-07-09 14:31
Modified
2025-07-30 15:34
Summary
Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.6.1 release
Notes
Topic
Red Hat build of OpenTelemetry 3.6.1 has been released
Details
This release of the Red Hat build of OpenTelemetry provides a CVE fix.
Breaking changes:
* Nothing
Deprecations:
* Nothing
Technology Preview features:
* Nothing
Enhancements:
* Nothing
Bug fixes:
* Nothing
Known issues:
* Nothing
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of OpenTelemetry 3.6.1 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat build of OpenTelemetry provides a CVE fix.\n\nBreaking changes:\n* Nothing\n\nDeprecations:\n* Nothing\n\nTechnology Preview features:\n* Nothing\n\nEnhancements:\n* Nothing\n\nBug fixes:\n* Nothing\n\nKnown issues:\n* Nothing",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10735",
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4673",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6020",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/red_hat_build_of_opentelemetry",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/red_hat_build_of_opentelemetry"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10735.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.6.1 release",
"tracking": {
"current_release_date": "2025-07-30T15:34:12+00:00",
"generator": {
"date": "2025-07-30T15:34:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10735",
"initial_release_date": "2025-07-09T14:31:36+00:00",
"revision_history": [
{
"date": "2025-07-09T14:31:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T14:31:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:34:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256%3A4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752053203"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3Ac18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3A46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3A643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3Af49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3A39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3A18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3A5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3A281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T14:31:36+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T14:31:36+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:11487
Vulnerability from csaf_redhat
Published
2025-07-21 19:25
Modified
2025-08-13 09:00
Summary
Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
Notes
Topic
A Subscription Management tool for finding and reporting Red Hat product usage
Details
Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their operating systems, and relevant configuration data stored within them. Discovery also identifies and reports more detailed facts for some versions of key Red Hat packages and products that it finds in the network.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A Subscription Management tool for finding and reporting Red Hat product usage",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their operating systems, and relevant configuration data stored within them. Discovery also identifies and reports more detailed facts for some versions of key Red Hat packages and products that it finds in the network.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:11487",
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-53920",
"url": "https://access.redhat.com/security/cve/CVE-2024-53920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-25724",
"url": "https://access.redhat.com/security/cve/CVE-2025-25724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-3576",
"url": "https://access.redhat.com/security/cve/CVE-2025-3576"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4802",
"url": "https://access.redhat.com/security/cve/CVE-2025-4802"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5702",
"url": "https://access.redhat.com/security/cve/CVE-2025-5702"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6020",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery",
"url": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_11487.json"
}
],
"title": "Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage",
"tracking": {
"current_release_date": "2025-08-13T09:00:09+00:00",
"generator": {
"date": "2025-08-13T09:00:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:11487",
"initial_release_date": "2025-07-21T19:25:21+00:00",
"revision_history": [
{
"date": "2025-07-21T19:25:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-21T19:25:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-13T09:00:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Discovery 2",
"product": {
"name": "Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:discovery:2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Discovery"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Ac499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.0-1752592913"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3Acb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.0-1752593703"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Abd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.0-1752592913"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.0-1752593703"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53920",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2024-11-27T15:01:05.611448+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2329161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Emacs. Viewing or editing an untrusted Emacs Lisp source code file can cause arbitrary code execution due to unsafe macro expansion when a user has configured elisp-completion-at-point for code completion or has enabled automatic error checking, such as Flymake or Flycheck.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "emacs: arbitrary code execution via Lisp macro expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to trick a user into opening an Emacs Lisp source code file with a crafted macro definition. Additionally, the user must have `elisp-completion-at-point` configured or automatic error checking enabled.\nFor these reasons, this flaw has been rated with a Moderate severity.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform leverages a web application firewall (WAF) to filter and block malicious input before it reaches the application. It applies managed and custom rule sets to detect suspicious patterns such as embedded scripting functions and remote code execution attempts. By enforcing strict input validation and preventing unauthorized execution of user-supplied code, the WAF reduces the risk of exploitation. Additional protections like rate limiting and bot mitigation help prevent automated injection attacks, while integration with logging, monitoring, and threat detection systems enhances visibility and response capabilities. Through real-time monitoring and automated blocking, the WAF provides a strong layer of defense against code injection vulnerabilities, lowering the likelihood of successful exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-53920"
},
{
"category": "external",
"summary": "RHBZ#2329161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-53920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53920"
},
{
"category": "external",
"summary": "https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html",
"url": "https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html"
},
{
"category": "external",
"summary": "https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg%40mail.gmail.com/",
"url": "https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg%40mail.gmail.com/"
}
],
"release_date": "2024-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-21T19:25:21+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"category": "workaround",
"details": "Do not open or view untrusted Emacs Lisp source code files.\n\nDisabling auto-completion features and automatic error checking such as Flymake or Flycheck in untrusted Emacs Lisp source code files will mitigate this vulnerability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "emacs: arbitrary code execution via Lisp macro expansion"
},
{
"cve": "CVE-2025-3576",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2025-04-14T11:00:53.484000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2359465"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as a moderate severity vulnerability because it affects the handling of PKINIT requests during ASN.1 decoding in krb5. Exploitation requires specific and uncommon configurations, including a Kerberos environment with PKINIT enabled. Additionally, successful exploitation depends on triggering specific memory allocation failures or parser behaviors, contributing to a high attack complexity.The attack requires that PKINIT is actively configured and in use, and cannot be exploited remotely without this setup in place, making the practical risk limited in standard environments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3576"
},
{
"category": "external",
"summary": "RHBZ#2359465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3576",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3576"
},
{
"category": "external",
"summary": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html",
"url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html"
}
],
"release_date": "2025-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-21T19:25:21+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions"
},
{
"cve": "CVE-2025-4802",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2025-05-20T12:53:17.126000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367468"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue can only be exploitable by a local attacker via a static setuid program that calls the dlopen function, causing the library to search LD_LIBRARY_PATH to locate the shared object name to load. No such programs have been found in Red Hat Enterprise Linux at the time of publishing this advisory. However, custom setuid programs, although strongly discouraged as a security practice, may exist and can not be discarded. Due to these reasons, this flaw has been rated with a moderate severity.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-426: Untrusted Search Path) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces least functionality by enabling only essential features, services, and ports, thereby reducing the system\u2019s attack surface. Static code analysis, peer reviews, and robust input validation and error handling detect unsafe input that could affect execution timing or path resolution. Real-time threat detection, including IPS/IDS, antimalware, and continuous system monitoring, enables rapid identification of exploitation attempts. Process isolation and Kubernetes orchestration reduce the likelihood of concurrent execution conflicts and contain any impact to isolated workloads. Executable search paths are restricted to trusted, explicitly defined directories, mitigating the risk of executing malicious files. These controls effectively lower the likelihood and impact of race conditions and untrusted path exploitation in the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4802"
},
{
"category": "external",
"summary": "RHBZ#2367468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4802",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4802"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/16/7",
"url": "https://www.openwall.com/lists/oss-security/2025/05/16/7"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/17/2",
"url": "https://www.openwall.com/lists/oss-security/2025/05/17/2"
}
],
"release_date": "2025-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-21T19:25:21+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH"
},
{
"cve": "CVE-2025-5702",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2025-06-05T19:00:53.922197+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370472"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the optimized strcmp glibc function for the Power10 CPU architecture. GNU C library versions from 2.39 onward overwrite two vector registers in a way that can disrupt the control flow of a program.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: Vector register overwrite bug in glibc",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is marked as a Moderate vulnerability rather than an Important one because, while it violates the PowerPC64LE ABI by overwriting non-volatile vector registers (v20 to v31) in the optimized strcmp implementation, its impact is highly context-dependent. The vulnerability does not result in immediate memory corruption, privilege escalation, or remote code execution on its own. It only poses a risk if the overwritten registers were actively holding critical state across the call to strcmp, which is uncommon in typical usage patterns of the function. Moreover, since this issue occurs in an architecture-specific optimization path for Power10 and affects a relatively recent version of glibc (2.39+), its exposure is limited in scope and deployment.\n\nNote that this vulnerability only impacts POWER10 (ppc64le), not POWER9, nor the aarch64, s390x, x86-64 products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5702"
},
{
"category": "external",
"summary": "RHBZ#2370472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5702",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5702"
},
{
"category": "external",
"summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33056",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33056"
}
],
"release_date": "2025-06-05T18:23:57.872000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-21T19:25:21+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glibc: Vector register overwrite bug in glibc"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-21T19:25:21+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
},
{
"cve": "CVE-2025-25724",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2025-03-02T02:00:39.907582+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2349221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Buffer Overflow vulnerability in libarchive",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-252: Unchecked Return Value vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nReturn values from critical operations are consistently evaluated through enforced development standards and automated static analysis, reducing the likelihood of logic flaws or silent failures reaching production. Error-handling routines are integrated into application behavior to ensure that failures are properly logged, traced, and contained, maintaining system stability under fault conditions. Additionally, the platform is designed to respond to errors predictably, preventing uncontrolled behavior and ensuring that processes fail in a known, recoverable state.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-25724"
},
{
"category": "external",
"summary": "RHBZ#2349221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-25724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25724"
},
{
"category": "external",
"summary": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92",
"url": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92"
},
{
"category": "external",
"summary": "https://github.com/Ekkosun/pocs/blob/main/bsdtarbug",
"url": "https://github.com/Ekkosun/pocs/blob/main/bsdtarbug"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752",
"url": "https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752"
}
],
"release_date": "2025-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-21T19:25:21+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c499a099e03c7488ffe50529a34723ade191a89fcfc59d1f0edd01db2b579ca3_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:728ad644c83c3828f8bdc3b6aad9b1d30110f9911f0febcea5f0cfedc6b29dc7_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:cb27ba3c1340e59001ddf83d311d952a4c11f9d4fa18bdab9f4a914370957948_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libarchive: Buffer Overflow vulnerability in libarchive"
}
]
}
rhsa-2025:9526
Vulnerability from csaf_redhat
Published
2025-06-24 12:35
Modified
2025-07-30 15:33
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:9526",
"url": "https://access.redhat.com/errata/RHSA-2025:9526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9526.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:33:43+00:00",
"generator": {
"date": "2025-07-30T15:33:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:9526",
"initial_release_date": "2025-06-24T12:35:18+00:00",
"revision_history": [
{
"date": "2025-06-24T12:35:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-06-24T12:35:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:33:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-25.el9_6.aarch64",
"product": {
"name": "pam-devel-0:1.5.1-25.el9_6.aarch64",
"product_id": "pam-devel-0:1.5.1-25.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-25.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-25.el9_6.aarch64",
"product": {
"name": "pam-docs-0:1.5.1-25.el9_6.aarch64",
"product_id": "pam-docs-0:1.5.1-25.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-25.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"product": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"product_id": "pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-25.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"product": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"product_id": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-25.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-25.el9_6.aarch64",
"product": {
"name": "pam-0:1.5.1-25.el9_6.aarch64",
"product_id": "pam-0:1.5.1-25.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-25.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-25.el9_6.ppc64le",
"product": {
"name": "pam-devel-0:1.5.1-25.el9_6.ppc64le",
"product_id": "pam-devel-0:1.5.1-25.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-25.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-25.el9_6.ppc64le",
"product": {
"name": "pam-docs-0:1.5.1-25.el9_6.ppc64le",
"product_id": "pam-docs-0:1.5.1-25.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-25.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"product": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"product_id": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-25.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"product_id": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-25.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-25.el9_6.ppc64le",
"product": {
"name": "pam-0:1.5.1-25.el9_6.ppc64le",
"product_id": "pam-0:1.5.1-25.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-25.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-25.el9_6.i686",
"product": {
"name": "pam-devel-0:1.5.1-25.el9_6.i686",
"product_id": "pam-devel-0:1.5.1-25.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-25.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-25.el9_6.i686",
"product": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.i686",
"product_id": "pam-debugsource-0:1.5.1-25.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-25.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-25.el9_6.i686",
"product": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.i686",
"product_id": "pam-debuginfo-0:1.5.1-25.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-25.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-25.el9_6.i686",
"product": {
"name": "pam-0:1.5.1-25.el9_6.i686",
"product_id": "pam-0:1.5.1-25.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-25.el9_6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-25.el9_6.x86_64",
"product": {
"name": "pam-devel-0:1.5.1-25.el9_6.x86_64",
"product_id": "pam-devel-0:1.5.1-25.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-25.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-25.el9_6.x86_64",
"product": {
"name": "pam-docs-0:1.5.1-25.el9_6.x86_64",
"product_id": "pam-docs-0:1.5.1-25.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-25.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"product": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"product_id": "pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-25.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"product": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"product_id": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-25.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-25.el9_6.x86_64",
"product": {
"name": "pam-0:1.5.1-25.el9_6.x86_64",
"product_id": "pam-0:1.5.1-25.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-25.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-25.el9_6.s390x",
"product": {
"name": "pam-devel-0:1.5.1-25.el9_6.s390x",
"product_id": "pam-devel-0:1.5.1-25.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-25.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-25.el9_6.s390x",
"product": {
"name": "pam-docs-0:1.5.1-25.el9_6.s390x",
"product_id": "pam-docs-0:1.5.1-25.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-25.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-25.el9_6.s390x",
"product": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.s390x",
"product_id": "pam-debugsource-0:1.5.1-25.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-25.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"product": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"product_id": "pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-25.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-25.el9_6.s390x",
"product": {
"name": "pam-0:1.5.1-25.el9_6.s390x",
"product_id": "pam-0:1.5.1-25.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-25.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-25.el9_6.src",
"product": {
"name": "pam-0:1.5.1-25.el9_6.src",
"product_id": "pam-0:1.5.1-25.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-25.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src"
},
"product_reference": "pam-0:1.5.1-25.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src"
},
"product_reference": "pam-0:1.5.1-25.el9_6.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-25.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-25.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-24T12:35:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9526"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debuginfo-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-debugsource-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-devel-0:1.5.1-25.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:pam-docs-0:1.5.1-25.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10823
Vulnerability from csaf_redhat
Published
2025-07-10 17:57
Modified
2025-07-30 15:34
Summary
Red Hat Security Advisory: Red Hat build of Tempo 3.6.1 release
Notes
Topic
Red Hat build of Tempo 3.6.1 has been released
Details
This release of the Red Hat build of Tempo provides a CVE fix.
Breaking changes:
* Nothing
Deprecations:
* Nothing
Technology Preview features:
* Nothing
Enhancements:
* Nothing
Bug fixes:
* Nothing
Known issues:
* Nothing
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Tempo 3.6.1 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat build of Tempo provides a CVE fix.\n\n Breaking changes:\n\n * Nothing\n\n Deprecations:\n\n * Nothing\n \n Technology Preview features:\n\n * Nothing\n \n Enhancements:\n\n * Nothing\n\n Bug fixes:\n\n * Nothing\n \n Known issues:\n\n * Nothing",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10823",
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4673",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6020",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Tempo 3.6.1 release",
"tracking": {
"current_release_date": "2025-07-30T15:34:24+00:00",
"generator": {
"date": "2025-07-30T15:34:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10823",
"initial_release_date": "2025-07-10T17:57:25+00:00",
"revision_history": [
{
"date": "2025-07-10T17:57:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-10T17:57:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:34:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256%3A85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752120292"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Ae8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Ab9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Acbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Ac34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Ab1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3A2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3Ab195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Ad0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3A8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3A3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Afaad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3A54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Ae5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Acd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Ad1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3Af370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Ae0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Afb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-10T17:57:25+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-10T17:57:25+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10361
Vulnerability from csaf_redhat
Published
2025-07-07 02:02
Modified
2025-07-30 15:36
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 8.4 Extended Update Support EXTENSION.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 8.4 Extended Update Support EXTENSION.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10361",
"url": "https://access.redhat.com/errata/RHSA-2025:10361"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10361.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:36:12+00:00",
"generator": {
"date": "2025-07-30T15:36:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10361",
"initial_release_date": "2025-07-07T02:02:55+00:00",
"revision_history": [
{
"date": "2025-07-07T02:02:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T02:02:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:36:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-14.el8_4.1.src",
"product": {
"name": "pam-0:1.3.1-14.el8_4.1.src",
"product_id": "pam-0:1.3.1-14.el8_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-14.el8_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-14.el8_4.1.i686",
"product": {
"name": "pam-0:1.3.1-14.el8_4.1.i686",
"product_id": "pam-0:1.3.1-14.el8_4.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-14.el8_4.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-14.el8_4.1.i686",
"product": {
"name": "pam-devel-0:1.3.1-14.el8_4.1.i686",
"product_id": "pam-devel-0:1.3.1-14.el8_4.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-14.el8_4.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"product": {
"name": "pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"product_id": "pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-14.el8_4.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"product": {
"name": "pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"product_id": "pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-14.el8_4.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-14.el8_4.1.x86_64",
"product": {
"name": "pam-0:1.3.1-14.el8_4.1.x86_64",
"product_id": "pam-0:1.3.1-14.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-14.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-14.el8_4.1.x86_64",
"product": {
"name": "pam-devel-0:1.3.1-14.el8_4.1.x86_64",
"product_id": "pam-devel-0:1.3.1-14.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-14.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"product": {
"name": "pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"product_id": "pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-14.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"product": {
"name": "pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"product_id": "pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-14.el8_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-14.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.i686"
},
"product_reference": "pam-0:1.3.1-14.el8_4.1.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-14.el8_4.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.src"
},
"product_reference": "pam-0:1.3.1-14.el8_4.1.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-14.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.x86_64"
},
"product_reference": "pam-0:1.3.1-14.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-14.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-14.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-14.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-14.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.i686"
},
"product_reference": "pam-devel-0:1.3.1-14.el8_4.1.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-14.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-14.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T02:02:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10361"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:pam-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debuginfo-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-debugsource-0:1.3.1-14.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.i686",
"BaseOS-8.4.0.Z.AUS:pam-devel-0:1.3.1-14.el8_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10357
Vulnerability from csaf_redhat
Published
2025-07-07 02:29
Modified
2025-07-30 15:36
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10357",
"url": "https://access.redhat.com/errata/RHSA-2025:10357"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10357.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:36:42+00:00",
"generator": {
"date": "2025-07-30T15:36:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10357",
"initial_release_date": "2025-07-07T02:29:41+00:00",
"revision_history": [
{
"date": "2025-07-07T02:29:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T02:29:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:36:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.src",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.src",
"product_id": "pam-0:1.1.8-23.el7_9.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.ppc",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.ppc",
"product_id": "pam-0:1.1.8-23.el7_9.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.ppc64",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.ppc64",
"product_id": "pam-0:1.1.8-23.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.s390",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.s390",
"product_id": "pam-0:1.1.8-23.el7_9.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.s390",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.s390",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.s390x",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.s390x",
"product_id": "pam-0:1.1.8-23.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.s390x",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.s390x",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.x86_64",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.x86_64",
"product_id": "pam-0:1.1.8-23.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.x86_64",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.x86_64",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.i686",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.i686",
"product_id": "pam-0:1.1.8-23.el7_9.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.i686",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.i686",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.1.8-23.el7_9.1.ppc64le",
"product": {
"name": "pam-0:1.1.8-23.el7_9.1.ppc64le",
"product_id": "pam-0:1.1.8-23.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.1.8-23.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"product": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"product_id": "pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.1.8-23.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"product_id": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.1.8-23.el7_9.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.i686"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64le"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390x"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.src"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.src",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.1.8-23.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-0:1.1.8-23.el7_9.1.x86_64"
},
"product_reference": "pam-0:1.1.8-23.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.i686"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390x"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.i686"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64le"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390x"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.1.8-23.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.x86_64"
},
"product_reference": "pam-devel-0:1.1.8-23.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.src",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T02:29:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.src",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10357"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.src",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.src",
"7Server-ELS:pam-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-debuginfo-0:1.1.8-23.el7_9.1.x86_64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.i686",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.ppc64le",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.s390x",
"7Server-ELS:pam-devel-0:1.1.8-23.el7_9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:11386
Vulnerability from csaf_redhat
Published
2025-07-17 15:25
Modified
2025-08-06 15:38
Summary
Red Hat Security Advisory: updated RHEL-8 based Middleware Containers container images
Notes
Topic
Updated RHEL-8 based Middleware Containers container images are now available
Details
The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2025:10698 (see References)
Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.
You can find images updated by this advisory in Red Hat Container Catalog (see References).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated RHEL-8 based Middleware Containers container images are now available",
"title": "Topic"
},
{
"category": "general",
"text": "The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2025:10698 (see References)\n\nUsers of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.\n\nYou can find images updated by this advisory in Red Hat Container Catalog (see References).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:11386",
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/errata/RHSA-2025:10698",
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"category": "external",
"summary": "https://access.redhat.com/containers",
"url": "https://access.redhat.com/containers"
},
{
"category": "external",
"summary": "2370010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010"
},
{
"category": "external",
"summary": "2370013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013"
},
{
"category": "external",
"summary": "2370014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014"
},
{
"category": "external",
"summary": "2370016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "2372426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_11386.json"
}
],
"title": "Red Hat Security Advisory: updated RHEL-8 based Middleware Containers container images",
"tracking": {
"current_release_date": "2025-08-06T15:38:18+00:00",
"generator": {
"date": "2025-08-06T15:38:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:11386",
"initial_release_date": "2025-07-17T15:25:25+00:00",
"revision_history": [
{
"date": "2025-07-17T15:25:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-17T15:25:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-06T15:38:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"product": {
"name": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"product_id": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8\u0026tag=7.13.5-4.1752066672"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"product": {
"name": "rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"product_id": "rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8\u0026tag=7.13.5-4.1752065732"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"product": {
"name": "rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"product_id": "rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-controller-rhel8\u0026tag=7.13.5-4.1752065732"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"product": {
"name": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"product_id": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8\u0026tag=7.13.5-3.1752065737"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"product": {
"name": "rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"product_id": "rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8\u0026tag=7.13.5-4.1752065731"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"product": {
"name": "rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"product_id": "rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8\u0026tag=7.13.5-4.1752065736"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"product": {
"name": "rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"product_id": "rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-rhel8-operator\u0026tag=7.13.5-2.1752065733"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64",
"product": {
"name": "rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64",
"product_id": "rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8\u0026tag=7.13.5-4.1752065755"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"product": {
"name": "rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"product_id": "rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-operator-bundle\u0026tag=7.13.5-25"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64"
},
"product_reference": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64"
},
"product_reference": "rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64"
},
"product_reference": "rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64"
},
"product_reference": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64"
},
"product_reference": "rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64"
},
"product_reference": "rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64"
},
"product_reference": "rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64"
},
"product_reference": "rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
},
"product_reference": "rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12718",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:00:57.613538+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CPython\u0027s tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter=\"data\" or filter=\"tar\" extraction filters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Bypass extraction filter to modify file metadata outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-12718"
},
{
"category": "external",
"summary": "RHBZ#2370013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12718"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/127987",
"url": "https://github.com/python/cpython/issues/127987"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:10.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-17T15:25:25+00:00",
"details": "The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cpython: python: Bypass extraction filter to modify file metadata outside extraction directory"
},
{
"cve": "CVE-2025-4138",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T09:03:58.434950+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to \"data\" or \"tar\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4138"
},
{
"category": "external",
"summary": "RHBZ#2372426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4138",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4138"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:02.717000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-17T15:25:25+00:00",
"details": "The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "workaround",
"details": "Red Hat recommends upgrading to a fixed release of Python as soon as one is available. This vulnerability can be mitigated by rejecting links inside tarfiles that use relative references to the parent directory. The upstream advisory provides this example code:\n\n\u0027\u0027\u0027\n# Avoid insecure segments in link names.\nfor member in tar.getmembers():\n if not member.islnk():\n continue\n if os.pardir in os.path.split(member.linkname):\n raise OSError(\"Tarfile with insecure segment (\u0027..\u0027) in linkname\")\n\n# Now safe to extract members with the data filter.\ntar.extractall(filter=\"data\")\n\u0027\u0027\u0027",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory"
},
{
"cve": "CVE-2025-4517",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:01:12.271192+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to \"data\" or \"tar\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: cpython: Arbitrary writes via tarfile realpath overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4517"
},
{
"category": "external",
"summary": "RHBZ#2370016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:58:50.352000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-17T15:25:25+00:00",
"details": "The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: cpython: Arbitrary writes via tarfile realpath overflow"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-17T15:25:25+00:00",
"details": "The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:2e80c3dfa1f6626a9e04ea73d166ba1f76bfa3bbf2b8e8fdbcca9335a72315e4_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:c5aff29d13a45f7a488cb1c15e7d31ac98d04aca5676b5ec78f66d36631abdb3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:54fc0d91b9ddebff1e77c0ec994763906bdb5fdaedce1edc65777e26145fc879_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:13a4dc736a5b3717c618910b38d6de7627dfa7d73f65f1f052a4f372b5e32d0f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:8571df197428508c9353f8cc6e6f33120650a49442c1e75c235838e0ab8130f0_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:1b10c7ce00d06191634253010b33cc62708513fd683d3fbcb2fdebe5ec9d75fc_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:f39f81f93501a792b49ee2ca67ca5d11d9a333f458cbafaa67ddf06ecfd72865_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:f57ebf2df8d5e1aa5e6598aa1a4bf9458f3a04e57245881b52f0a94839289a40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:8a455986352060aa24497516c59b1f283fc9407e94cc4b6a6b17563980d0db56_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10358
Vulnerability from csaf_redhat
Published
2025-07-07 02:29
Modified
2025-07-30 15:36
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10358",
"url": "https://access.redhat.com/errata/RHSA-2025:10358"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10358.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:36:31+00:00",
"generator": {
"date": "2025-07-30T15:36:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10358",
"initial_release_date": "2025-07-07T02:29:00+00:00",
"revision_history": [
{
"date": "2025-07-07T02:29:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T02:29:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:36:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-26.el8_8.1.src",
"product": {
"name": "pam-0:1.3.1-26.el8_8.1.src",
"product_id": "pam-0:1.3.1-26.el8_8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-26.el8_8.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-26.el8_8.1.ppc64le",
"product": {
"name": "pam-0:1.3.1-26.el8_8.1.ppc64le",
"product_id": "pam-0:1.3.1-26.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-26.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"product": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"product_id": "pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-26.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"product": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"product_id": "pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-26.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"product_id": "pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-26.el8_8.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-26.el8_8.1.i686",
"product": {
"name": "pam-0:1.3.1-26.el8_8.1.i686",
"product_id": "pam-0:1.3.1-26.el8_8.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-26.el8_8.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-26.el8_8.1.i686",
"product": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.i686",
"product_id": "pam-devel-0:1.3.1-26.el8_8.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-26.el8_8.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"product": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"product_id": "pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-26.el8_8.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"product": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"product_id": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-26.el8_8.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-26.el8_8.1.x86_64",
"product": {
"name": "pam-0:1.3.1-26.el8_8.1.x86_64",
"product_id": "pam-0:1.3.1-26.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-26.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"product": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"product_id": "pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-26.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"product": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"product_id": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-26.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"product": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"product_id": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-26.el8_8.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.ppc64le"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.src"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le"
},
"product_reference": "pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-devel-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.ppc64le"
},
"product_reference": "pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.src"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.i686"
},
"product_reference": "pam-devel-0:1.3.1-26.el8_8.1.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-26.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T02:29:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10358"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:pam-devel-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:pam-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debuginfo-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-debugsource-0:1.3.1-26.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.i686",
"BaseOS-8.8.0.Z.TUS:pam-devel-0:1.3.1-26.el8_8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10362
Vulnerability from csaf_redhat
Published
2025-07-07 02:14
Modified
2025-07-30 15:33
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10362",
"url": "https://access.redhat.com/errata/RHSA-2025:10362"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10362.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:33:53+00:00",
"generator": {
"date": "2025-07-30T15:33:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10362",
"initial_release_date": "2025-07-07T02:14:30+00:00",
"revision_history": [
{
"date": "2025-07-07T02:14:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T02:14:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:33:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-8.el8_2.1.src",
"product": {
"name": "pam-0:1.3.1-8.el8_2.1.src",
"product_id": "pam-0:1.3.1-8.el8_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-8.el8_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-8.el8_2.1.i686",
"product": {
"name": "pam-0:1.3.1-8.el8_2.1.i686",
"product_id": "pam-0:1.3.1-8.el8_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-8.el8_2.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-8.el8_2.1.i686",
"product": {
"name": "pam-devel-0:1.3.1-8.el8_2.1.i686",
"product_id": "pam-devel-0:1.3.1-8.el8_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-8.el8_2.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"product": {
"name": "pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"product_id": "pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-8.el8_2.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"product": {
"name": "pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"product_id": "pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-8.el8_2.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-8.el8_2.1.x86_64",
"product": {
"name": "pam-0:1.3.1-8.el8_2.1.x86_64",
"product_id": "pam-0:1.3.1-8.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-8.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-8.el8_2.1.x86_64",
"product": {
"name": "pam-devel-0:1.3.1-8.el8_2.1.x86_64",
"product_id": "pam-devel-0:1.3.1-8.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-8.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"product": {
"name": "pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"product_id": "pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-8.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"product": {
"name": "pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"product_id": "pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-8.el8_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-8.el8_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.i686"
},
"product_reference": "pam-0:1.3.1-8.el8_2.1.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-8.el8_2.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.src"
},
"product_reference": "pam-0:1.3.1-8.el8_2.1.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-8.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.x86_64"
},
"product_reference": "pam-0:1.3.1-8.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-8.el8_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-8.el8_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-8.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-8.el8_2.1.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.i686"
},
"product_reference": "pam-devel-0:1.3.1-8.el8_2.1.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-8.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-8.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T02:14:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10362"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:pam-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debuginfo-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-debugsource-0:1.3.1-8.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.i686",
"BaseOS-8.2.0.Z.AUS:pam-devel-0:1.3.1-8.el8_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10027
Vulnerability from csaf_redhat
Published
2025-07-01 14:00
Modified
2025-07-30 15:35
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10027",
"url": "https://access.redhat.com/errata/RHSA-2025:10027"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10027.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:35:51+00:00",
"generator": {
"date": "2025-07-30T15:35:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10027",
"initial_release_date": "2025-07-01T14:00:54+00:00",
"revision_history": [
{
"date": "2025-07-01T14:00:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-01T14:00:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:35:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-37.el8_10.src",
"product": {
"name": "pam-0:1.3.1-37.el8_10.src",
"product_id": "pam-0:1.3.1-37.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-37.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-37.el8_10.aarch64",
"product": {
"name": "pam-0:1.3.1-37.el8_10.aarch64",
"product_id": "pam-0:1.3.1-37.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-37.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-37.el8_10.aarch64",
"product": {
"name": "pam-devel-0:1.3.1-37.el8_10.aarch64",
"product_id": "pam-devel-0:1.3.1-37.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-37.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"product": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"product_id": "pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-37.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"product": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"product_id": "pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-37.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-37.el8_10.ppc64le",
"product": {
"name": "pam-0:1.3.1-37.el8_10.ppc64le",
"product_id": "pam-0:1.3.1-37.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-37.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-37.el8_10.ppc64le",
"product": {
"name": "pam-devel-0:1.3.1-37.el8_10.ppc64le",
"product_id": "pam-devel-0:1.3.1-37.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-37.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"product": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"product_id": "pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-37.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"product_id": "pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-37.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-37.el8_10.i686",
"product": {
"name": "pam-0:1.3.1-37.el8_10.i686",
"product_id": "pam-0:1.3.1-37.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-37.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-37.el8_10.i686",
"product": {
"name": "pam-devel-0:1.3.1-37.el8_10.i686",
"product_id": "pam-devel-0:1.3.1-37.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-37.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-37.el8_10.i686",
"product": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.i686",
"product_id": "pam-debugsource-0:1.3.1-37.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-37.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-37.el8_10.i686",
"product": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.i686",
"product_id": "pam-debuginfo-0:1.3.1-37.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-37.el8_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-37.el8_10.x86_64",
"product": {
"name": "pam-0:1.3.1-37.el8_10.x86_64",
"product_id": "pam-0:1.3.1-37.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-37.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-37.el8_10.x86_64",
"product": {
"name": "pam-devel-0:1.3.1-37.el8_10.x86_64",
"product_id": "pam-devel-0:1.3.1-37.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-37.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"product": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"product_id": "pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-37.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"product": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"product_id": "pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-37.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-37.el8_10.s390x",
"product": {
"name": "pam-0:1.3.1-37.el8_10.s390x",
"product_id": "pam-0:1.3.1-37.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-37.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-37.el8_10.s390x",
"product": {
"name": "pam-devel-0:1.3.1-37.el8_10.s390x",
"product_id": "pam-devel-0:1.3.1-37.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-37.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-37.el8_10.s390x",
"product": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.s390x",
"product_id": "pam-debugsource-0:1.3.1-37.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-37.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"product": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"product_id": "pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-37.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-37.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.aarch64"
},
"product_reference": "pam-0:1.3.1-37.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-37.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.i686"
},
"product_reference": "pam-0:1.3.1-37.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-37.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.ppc64le"
},
"product_reference": "pam-0:1.3.1-37.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-37.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.s390x"
},
"product_reference": "pam-0:1.3.1-37.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-37.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.src"
},
"product_reference": "pam-0:1.3.1-37.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-37.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.x86_64"
},
"product_reference": "pam-0:1.3.1-37.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.aarch64"
},
"product_reference": "pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-37.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.s390x"
},
"product_reference": "pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-37.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.aarch64"
},
"product_reference": "pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-37.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.ppc64le"
},
"product_reference": "pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.s390x"
},
"product_reference": "pam-debugsource-0:1.3.1-37.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-37.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-37.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.aarch64"
},
"product_reference": "pam-devel-0:1.3.1-37.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-37.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.i686"
},
"product_reference": "pam-devel-0:1.3.1-37.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-37.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.ppc64le"
},
"product_reference": "pam-devel-0:1.3.1-37.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-37.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.s390x"
},
"product_reference": "pam-devel-0:1.3.1-37.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-37.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-37.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-01T14:00:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10027"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debuginfo-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-debugsource-0:1.3.1-37.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:pam-devel-0:1.3.1-37.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10024
Vulnerability from csaf_redhat
Published
2025-07-01 13:25
Modified
2025-07-30 15:35
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10024",
"url": "https://access.redhat.com/errata/RHSA-2025:10024"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10024.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:35:12+00:00",
"generator": {
"date": "2025-07-30T15:35:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10024",
"initial_release_date": "2025-07-01T13:25:43+00:00",
"revision_history": [
{
"date": "2025-07-01T13:25:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-01T13:25:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:35:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-24.el9_4.aarch64",
"product": {
"name": "pam-devel-0:1.5.1-24.el9_4.aarch64",
"product_id": "pam-devel-0:1.5.1-24.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-24.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-24.el9_4.aarch64",
"product": {
"name": "pam-docs-0:1.5.1-24.el9_4.aarch64",
"product_id": "pam-docs-0:1.5.1-24.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-24.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"product": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"product_id": "pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-24.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"product": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"product_id": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-24.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-24.el9_4.aarch64",
"product": {
"name": "pam-0:1.5.1-24.el9_4.aarch64",
"product_id": "pam-0:1.5.1-24.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-24.el9_4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-24.el9_4.ppc64le",
"product": {
"name": "pam-devel-0:1.5.1-24.el9_4.ppc64le",
"product_id": "pam-devel-0:1.5.1-24.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-24.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-24.el9_4.ppc64le",
"product": {
"name": "pam-docs-0:1.5.1-24.el9_4.ppc64le",
"product_id": "pam-docs-0:1.5.1-24.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-24.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"product": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"product_id": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-24.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"product_id": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-24.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-24.el9_4.ppc64le",
"product": {
"name": "pam-0:1.5.1-24.el9_4.ppc64le",
"product_id": "pam-0:1.5.1-24.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-24.el9_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-24.el9_4.i686",
"product": {
"name": "pam-devel-0:1.5.1-24.el9_4.i686",
"product_id": "pam-devel-0:1.5.1-24.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-24.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-24.el9_4.i686",
"product": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.i686",
"product_id": "pam-debugsource-0:1.5.1-24.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-24.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-24.el9_4.i686",
"product": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.i686",
"product_id": "pam-debuginfo-0:1.5.1-24.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-24.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-24.el9_4.i686",
"product": {
"name": "pam-0:1.5.1-24.el9_4.i686",
"product_id": "pam-0:1.5.1-24.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-24.el9_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-24.el9_4.x86_64",
"product": {
"name": "pam-devel-0:1.5.1-24.el9_4.x86_64",
"product_id": "pam-devel-0:1.5.1-24.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-24.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-24.el9_4.x86_64",
"product": {
"name": "pam-docs-0:1.5.1-24.el9_4.x86_64",
"product_id": "pam-docs-0:1.5.1-24.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-24.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"product": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"product_id": "pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-24.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"product": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"product_id": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-24.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-24.el9_4.x86_64",
"product": {
"name": "pam-0:1.5.1-24.el9_4.x86_64",
"product_id": "pam-0:1.5.1-24.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-24.el9_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-24.el9_4.s390x",
"product": {
"name": "pam-devel-0:1.5.1-24.el9_4.s390x",
"product_id": "pam-devel-0:1.5.1-24.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-24.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-24.el9_4.s390x",
"product": {
"name": "pam-docs-0:1.5.1-24.el9_4.s390x",
"product_id": "pam-docs-0:1.5.1-24.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-24.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-24.el9_4.s390x",
"product": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.s390x",
"product_id": "pam-debugsource-0:1.5.1-24.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-24.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"product": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"product_id": "pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-24.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-0:1.5.1-24.el9_4.s390x",
"product": {
"name": "pam-0:1.5.1-24.el9_4.s390x",
"product_id": "pam-0:1.5.1-24.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-24.el9_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-24.el9_4.src",
"product": {
"name": "pam-0:1.5.1-24.el9_4.src",
"product_id": "pam-0:1.5.1-24.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-24.el9_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src"
},
"product_reference": "pam-0:1.5.1-24.el9_4.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src"
},
"product_reference": "pam-0:1.5.1-24.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-24.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-24.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-01T13:25:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10024"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"AppStream-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.src",
"BaseOS-9.4.0.Z.EUS:pam-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debuginfo-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-debugsource-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-devel-0:1.5.1-24.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:pam-docs-0:1.5.1-24.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10354
Vulnerability from csaf_redhat
Published
2025-07-07 02:35
Modified
2025-07-30 15:36
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10354",
"url": "https://access.redhat.com/errata/RHSA-2025:10354"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10354.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:36:52+00:00",
"generator": {
"date": "2025-07-30T15:36:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10354",
"initial_release_date": "2025-07-07T02:35:15+00:00",
"revision_history": [
{
"date": "2025-07-07T02:35:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T02:35:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:36:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-9.el9_0.2.src",
"product": {
"name": "pam-0:1.5.1-9.el9_0.2.src",
"product_id": "pam-0:1.5.1-9.el9_0.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-9.el9_0.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-9.el9_0.2.aarch64",
"product": {
"name": "pam-0:1.5.1-9.el9_0.2.aarch64",
"product_id": "pam-0:1.5.1-9.el9_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-9.el9_0.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"product": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"product_id": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-9.el9_0.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"product": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"product_id": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-9.el9_0.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"product": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"product_id": "pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-9.el9_0.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"product": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"product_id": "pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-9.el9_0.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-9.el9_0.2.ppc64le",
"product": {
"name": "pam-0:1.5.1-9.el9_0.2.ppc64le",
"product_id": "pam-0:1.5.1-9.el9_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-9.el9_0.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"product": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"product_id": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-9.el9_0.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"product_id": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-9.el9_0.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"product": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"product_id": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-9.el9_0.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"product": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"product_id": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-9.el9_0.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-9.el9_0.2.i686",
"product": {
"name": "pam-0:1.5.1-9.el9_0.2.i686",
"product_id": "pam-0:1.5.1-9.el9_0.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-9.el9_0.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"product": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"product_id": "pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-9.el9_0.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"product": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"product_id": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-9.el9_0.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-9.el9_0.2.i686",
"product": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.i686",
"product_id": "pam-devel-0:1.5.1-9.el9_0.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-9.el9_0.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-9.el9_0.2.x86_64",
"product": {
"name": "pam-0:1.5.1-9.el9_0.2.x86_64",
"product_id": "pam-0:1.5.1-9.el9_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-9.el9_0.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"product": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"product_id": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-9.el9_0.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"product": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"product_id": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-9.el9_0.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"product": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"product_id": "pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-9.el9_0.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"product": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"product_id": "pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-9.el9_0.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.5.1-9.el9_0.2.s390x",
"product": {
"name": "pam-0:1.5.1-9.el9_0.2.s390x",
"product_id": "pam-0:1.5.1-9.el9_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.5.1-9.el9_0.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"product": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"product_id": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.5.1-9.el9_0.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"product": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"product_id": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.5.1-9.el9_0.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.5.1-9.el9_0.2.s390x",
"product": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.s390x",
"product_id": "pam-devel-0:1.5.1-9.el9_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.5.1-9.el9_0.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-docs-0:1.5.1-9.el9_0.2.s390x",
"product": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.s390x",
"product_id": "pam-docs-0:1.5.1-9.el9_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-docs@1.5.1-9.el9_0.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-docs-0:1.5.1-9.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64"
},
"product_reference": "pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T02:35:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10354"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"AppStream-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"AppStream-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.src",
"BaseOS-9.0.0.Z.E4S:pam-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debuginfo-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-debugsource-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.i686",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-devel-0:1.5.1-9.el9_0.2.x86_64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.aarch64",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.ppc64le",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.s390x",
"BaseOS-9.0.0.Z.E4S:pam-docs-0:1.5.1-9.el9_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10359
Vulnerability from csaf_redhat
Published
2025-07-07 02:30
Modified
2025-07-30 15:36
Summary
Red Hat Security Advisory: pam security update
Notes
Topic
An update for pam is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.
Security Fix(es):
* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pam is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.\n\nSecurity Fix(es):\n\n* linux-pam: Linux-pam directory Traversal (CVE-2025-6020)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10359",
"url": "https://access.redhat.com/errata/RHSA-2025:10359"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10359.json"
}
],
"title": "Red Hat Security Advisory: pam security update",
"tracking": {
"current_release_date": "2025-07-30T15:36:21+00:00",
"generator": {
"date": "2025-07-30T15:36:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.5"
}
},
"id": "RHSA-2025:10359",
"initial_release_date": "2025-07-07T02:30:12+00:00",
"revision_history": [
{
"date": "2025-07-07T02:30:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T02:30:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-30T15:36:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-16.el8_6.2.src",
"product": {
"name": "pam-0:1.3.1-16.el8_6.2.src",
"product_id": "pam-0:1.3.1-16.el8_6.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-16.el8_6.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-16.el8_6.2.i686",
"product": {
"name": "pam-0:1.3.1-16.el8_6.2.i686",
"product_id": "pam-0:1.3.1-16.el8_6.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-16.el8_6.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-16.el8_6.2.i686",
"product": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.i686",
"product_id": "pam-devel-0:1.3.1-16.el8_6.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-16.el8_6.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"product": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"product_id": "pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-16.el8_6.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"product": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"product_id": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-16.el8_6.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-16.el8_6.2.x86_64",
"product": {
"name": "pam-0:1.3.1-16.el8_6.2.x86_64",
"product_id": "pam-0:1.3.1-16.el8_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-16.el8_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"product": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"product_id": "pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-16.el8_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"product": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"product_id": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-16.el8_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"product": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"product_id": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-16.el8_6.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-16.el8_6.2.aarch64",
"product": {
"name": "pam-0:1.3.1-16.el8_6.2.aarch64",
"product_id": "pam-0:1.3.1-16.el8_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-16.el8_6.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"product": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"product_id": "pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-16.el8_6.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"product": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"product_id": "pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-16.el8_6.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"product": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"product_id": "pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-16.el8_6.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-16.el8_6.2.ppc64le",
"product": {
"name": "pam-0:1.3.1-16.el8_6.2.ppc64le",
"product_id": "pam-0:1.3.1-16.el8_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-16.el8_6.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"product": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"product_id": "pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-16.el8_6.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"product": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"product_id": "pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-16.el8_6.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"product": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"product_id": "pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-16.el8_6.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-0:1.3.1-16.el8_6.2.s390x",
"product": {
"name": "pam-0:1.3.1-16.el8_6.2.s390x",
"product_id": "pam-0:1.3.1-16.el8_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam@1.3.1-16.el8_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-devel-0:1.3.1-16.el8_6.2.s390x",
"product": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.s390x",
"product_id": "pam-devel-0:1.3.1-16.el8_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-devel@1.3.1-16.el8_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"product": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"product_id": "pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debugsource@1.3.1-16.el8_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"product": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"product_id": "pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam-debuginfo@1.3.1-16.el8_6.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.src"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.aarch64"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.ppc64le"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.s390x"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.src"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.s390x"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.aarch64"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.s390x"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.aarch64"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.ppc64le"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.s390x"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.src"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.i686"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-0:1.3.1-16.el8_6.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
},
"product_reference": "pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T02:30:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10359"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.AUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.AUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.E4S:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.aarch64",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.ppc64le",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.s390x",
"BaseOS-8.6.0.Z.E4S:pam-devel-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.src",
"BaseOS-8.6.0.Z.TUS:pam-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debuginfo-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-debugsource-0:1.3.1-16.el8_6.2.x86_64",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.i686",
"BaseOS-8.6.0.Z.TUS:pam-devel-0:1.3.1-16.el8_6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
suse-su-2025:02013-1
Vulnerability from csaf_suse
Published
2025-06-18 18:05
Modified
2025-06-18 18:05
Summary
Security update for pam
Notes
Title of the patch
Security update for pam
Description of the patch
This update for pam fixes the following issues:
- CVE-2025-6018: pam_env: Change the default to not read the user .pam_environment file (bsc#1243226).
- CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path (bsc#1244509).
Patchnames
SUSE-2025-2013,SUSE-SLE-Micro-5.3-2025-2013,SUSE-SLE-Micro-5.4-2025-2013,SUSE-SLE-Micro-5.5-2025-2013,SUSE-SLE-Module-Basesystem-15-SP6-2025-2013,SUSE-SLE-Module-Basesystem-15-SP7-2025-2013,SUSE-SLE-Module-Development-Tools-15-SP6-2025-2013,SUSE-SLE-Module-Development-Tools-15-SP7-2025-2013,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2013,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2013,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2013,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2013,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2013,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2013,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2013,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2013,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2013,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2013,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2013,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2013,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2013,SUSE-SUSE-MicroOS-5.1-2025-2013,SUSE-SUSE-MicroOS-5.2-2025-2013,SUSE-Storage-7.1-2025-2013,openSUSE-SLE-15.6-2025-2013
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pam",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pam fixes the following issues:\n\n- CVE-2025-6018: pam_env: Change the default to not read the user .pam_environment file (bsc#1243226).\n- CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path (bsc#1244509).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2013,SUSE-SLE-Micro-5.3-2025-2013,SUSE-SLE-Micro-5.4-2025-2013,SUSE-SLE-Micro-5.5-2025-2013,SUSE-SLE-Module-Basesystem-15-SP6-2025-2013,SUSE-SLE-Module-Basesystem-15-SP7-2025-2013,SUSE-SLE-Module-Development-Tools-15-SP6-2025-2013,SUSE-SLE-Module-Development-Tools-15-SP7-2025-2013,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2013,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2013,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2013,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2013,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2013,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2013,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2013,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2013,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2013,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2013,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2013,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2013,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2013,SUSE-SUSE-MicroOS-5.1-2025-2013,SUSE-SUSE-MicroOS-5.2-2025-2013,SUSE-Storage-7.1-2025-2013,openSUSE-SLE-15.6-2025-2013",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02013-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02013-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502013-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02013-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040370.html"
},
{
"category": "self",
"summary": "SUSE Bug 1243226",
"url": "https://bugzilla.suse.com/1243226"
},
{
"category": "self",
"summary": "SUSE Bug 1244509",
"url": "https://bugzilla.suse.com/1244509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6020/"
}
],
"title": "Security update for pam",
"tracking": {
"current_release_date": "2025-06-18T18:05:26Z",
"generator": {
"date": "2025-06-18T18:05:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02013-1",
"initial_release_date": "2025-06-18T18:05:26Z",
"revision_history": [
{
"date": "2025-06-18T18:05:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pam-1.3.0-150000.6.83.1.aarch64",
"product": {
"name": "pam-1.3.0-150000.6.83.1.aarch64",
"product_id": "pam-1.3.0-150000.6.83.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"product": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"product_id": "pam-devel-1.3.0-150000.6.83.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"product": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"product_id": "pam-extra-1.3.0-150000.6.83.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-64bit-1.3.0-150000.6.83.1.aarch64_ilp32",
"product": {
"name": "pam-64bit-1.3.0-150000.6.83.1.aarch64_ilp32",
"product_id": "pam-64bit-1.3.0-150000.6.83.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "pam-devel-64bit-1.3.0-150000.6.83.1.aarch64_ilp32",
"product": {
"name": "pam-devel-64bit-1.3.0-150000.6.83.1.aarch64_ilp32",
"product_id": "pam-devel-64bit-1.3.0-150000.6.83.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "pam-extra-64bit-1.3.0-150000.6.83.1.aarch64_ilp32",
"product": {
"name": "pam-extra-64bit-1.3.0-150000.6.83.1.aarch64_ilp32",
"product_id": "pam-extra-64bit-1.3.0-150000.6.83.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.3.0-150000.6.83.1.i586",
"product": {
"name": "pam-1.3.0-150000.6.83.1.i586",
"product_id": "pam-1.3.0-150000.6.83.1.i586"
}
},
{
"category": "product_version",
"name": "pam-devel-1.3.0-150000.6.83.1.i586",
"product": {
"name": "pam-devel-1.3.0-150000.6.83.1.i586",
"product_id": "pam-devel-1.3.0-150000.6.83.1.i586"
}
},
{
"category": "product_version",
"name": "pam-extra-1.3.0-150000.6.83.1.i586",
"product": {
"name": "pam-extra-1.3.0-150000.6.83.1.i586",
"product_id": "pam-extra-1.3.0-150000.6.83.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-doc-1.3.0-150000.6.83.1.noarch",
"product": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch",
"product_id": "pam-doc-1.3.0-150000.6.83.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.3.0-150000.6.83.1.ppc64le",
"product": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le",
"product_id": "pam-1.3.0-150000.6.83.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"product": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"product_id": "pam-devel-1.3.0-150000.6.83.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"product": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"product_id": "pam-extra-1.3.0-150000.6.83.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.3.0-150000.6.83.1.s390x",
"product": {
"name": "pam-1.3.0-150000.6.83.1.s390x",
"product_id": "pam-1.3.0-150000.6.83.1.s390x"
}
},
{
"category": "product_version",
"name": "pam-devel-1.3.0-150000.6.83.1.s390x",
"product": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x",
"product_id": "pam-devel-1.3.0-150000.6.83.1.s390x"
}
},
{
"category": "product_version",
"name": "pam-extra-1.3.0-150000.6.83.1.s390x",
"product": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x",
"product_id": "pam-extra-1.3.0-150000.6.83.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.3.0-150000.6.83.1.x86_64",
"product": {
"name": "pam-1.3.0-150000.6.83.1.x86_64",
"product_id": "pam-1.3.0-150000.6.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"product": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"product_id": "pam-32bit-1.3.0-150000.6.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"product": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"product_id": "pam-devel-1.3.0-150000.6.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"product": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"product_id": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"product": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"product_id": "pam-extra-1.3.0-150000.6.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"product": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"product_id": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.3.0-150000.6.83.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.3.0-150000.6.83.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.3.0-150000.6.83.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-doc-1.3.0-150000.6.83.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch"
},
"product_reference": "pam-doc-1.3.0-150000.6.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-1.3.0-150000.6.83.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
},
"product_reference": "pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6018"
}
],
"notes": [
{
"category": "general",
"text": "A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, \"allow_active\" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6018",
"url": "https://www.suse.com/security/cve/CVE-2025-6018"
},
{
"category": "external",
"summary": "SUSE Bug 1243226 for CVE-2025-6018",
"url": "https://bugzilla.suse.com/1243226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T18:05:26Z",
"details": "important"
}
],
"title": "CVE-2025-6018"
},
{
"cve": "CVE-2025-6020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6020"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6020",
"url": "https://www.suse.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "SUSE Bug 1244509 for CVE-2025-6020",
"url": "https://bugzilla.suse.com/1244509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Enterprise Storage 7.1:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Enterprise Storage 7.1:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.1:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.2:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Micro 5.5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Proxy 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Proxy 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-devel-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-doc-1.3.0-150000.6.83.1.noarch",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.s390x",
"SUSE Manager Server 4.3:pam-extra-1.3.0-150000.6.83.1.x86_64",
"SUSE Manager Server 4.3:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-devel-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-devel-32bit-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-doc-1.3.0-150000.6.83.1.noarch",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.aarch64",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.ppc64le",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.s390x",
"openSUSE Leap 15.6:pam-extra-1.3.0-150000.6.83.1.x86_64",
"openSUSE Leap 15.6:pam-extra-32bit-1.3.0-150000.6.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T18:05:26Z",
"details": "important"
}
],
"title": "CVE-2025-6020"
}
]
}
suse-su-2025:20441-1
Vulnerability from csaf_suse
Published
2025-06-19 08:45
Modified
2025-06-19 08:45
Summary
Security update for pam
Notes
Title of the patch
Security update for pam
Description of the patch
This update for pam fixes the following issues:
- CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path
to operate on file descriptors instead of absolute path. And keep the
bind-mount protection from protect_mount() as a defense in depthmeasure.
(bsc#1244509)
Patchnames
SUSE-SLE-Micro-6.1-151
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pam",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pam fixes the following issues:\n\n- CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path\n to operate on file descriptors instead of absolute path. And keep the\n bind-mount protection from protect_mount() as a defense in depthmeasure.\n (bsc#1244509)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-151",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20441-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20441-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520441-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20441-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040564.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244509",
"url": "https://bugzilla.suse.com/1244509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6020/"
}
],
"title": "Security update for pam",
"tracking": {
"current_release_date": "2025-06-19T08:45:49Z",
"generator": {
"date": "2025-06-19T08:45:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20441-1",
"initial_release_date": "2025-06-19T08:45:49Z",
"revision_history": [
{
"date": "2025-06-19T08:45:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pam-1.6.1-slfo.1.1_3.1.aarch64",
"product": {
"name": "pam-1.6.1-slfo.1.1_3.1.aarch64",
"product_id": "pam-1.6.1-slfo.1.1_3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.6.1-slfo.1.1_3.1.s390x",
"product": {
"name": "pam-1.6.1-slfo.1.1_3.1.s390x",
"product_id": "pam-1.6.1-slfo.1.1_3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.6.1-slfo.1.1_3.1.x86_64",
"product": {
"name": "pam-1.6.1-slfo.1.1_3.1.x86_64",
"product_id": "pam-1.6.1-slfo.1.1_3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.6.1-slfo.1.1_3.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.aarch64"
},
"product_reference": "pam-1.6.1-slfo.1.1_3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.6.1-slfo.1.1_3.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.s390x"
},
"product_reference": "pam-1.6.1-slfo.1.1_3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.6.1-slfo.1.1_3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.x86_64"
},
"product_reference": "pam-1.6.1-slfo.1.1_3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6020"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6020",
"url": "https://www.suse.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "SUSE Bug 1244509 for CVE-2025-6020",
"url": "https://bugzilla.suse.com/1244509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:pam-1.6.1-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-19T08:45:49Z",
"details": "important"
}
],
"title": "CVE-2025-6020"
}
]
}
suse-su-2025:20427-1
Vulnerability from csaf_suse
Published
2025-06-19 08:49
Modified
2025-06-19 08:49
Summary
Security update for pam
Notes
Title of the patch
Security update for pam
Description of the patch
This update for pam fixes the following issues:
- CVE-2025-6020: pam_namespace: convert functions that may operate
on a user-controlled path to operate on file descriptors instead of
absolute path. And keep the bind-mount protection from protect_mount()
as a defense in depthmeasure. (bsc#1244509)
Patchnames
SUSE-SLE-Micro-6.0-361
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pam",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pam fixes the following issues:\n\n- CVE-2025-6020: pam_namespace: convert functions that may operate\n on a user-controlled path to operate on file descriptors instead of\n absolute path. And keep the bind-mount protection from protect_mount()\n as a defense in depthmeasure. (bsc#1244509)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-361",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20427-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20427-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520427-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20427-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040508.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244509",
"url": "https://bugzilla.suse.com/1244509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6020/"
}
],
"title": "Security update for pam",
"tracking": {
"current_release_date": "2025-06-19T08:49:31Z",
"generator": {
"date": "2025-06-19T08:49:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20427-1",
"initial_release_date": "2025-06-19T08:49:31Z",
"revision_history": [
{
"date": "2025-06-19T08:49:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pam-1.6.0-5.1.aarch64",
"product": {
"name": "pam-1.6.0-5.1.aarch64",
"product_id": "pam-1.6.0-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.6.0-5.1.s390x",
"product": {
"name": "pam-1.6.0-5.1.s390x",
"product_id": "pam-1.6.0-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.6.0-5.1.x86_64",
"product": {
"name": "pam-1.6.0-5.1.x86_64",
"product_id": "pam-1.6.0-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.6.0-5.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:pam-1.6.0-5.1.aarch64"
},
"product_reference": "pam-1.6.0-5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.6.0-5.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:pam-1.6.0-5.1.s390x"
},
"product_reference": "pam-1.6.0-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.6.0-5.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:pam-1.6.0-5.1.x86_64"
},
"product_reference": "pam-1.6.0-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6020"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.aarch64",
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.s390x",
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6020",
"url": "https://www.suse.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "SUSE Bug 1244509 for CVE-2025-6020",
"url": "https://bugzilla.suse.com/1244509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.aarch64",
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.s390x",
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.aarch64",
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.s390x",
"SUSE Linux Micro 6.0:pam-1.6.0-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-19T08:49:31Z",
"details": "important"
}
],
"title": "CVE-2025-6020"
}
]
}
wid-sec-w-2025-1339
Vulnerability from csaf_certbund
Published
2025-06-17 22:00
Modified
2025-08-06 22:00
Summary
PAM: Schwachstelle ermöglicht Privilegieneskalation
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Linux Pluggable Authentication Modules (PAM) ist eine Sammlung von Bibliotheken, die es einem Linux-Systemadministrator ermöglichen, Methoden zur Authentifizierung von Benutzern zu konfigurieren.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in PAM ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Linux Pluggable Authentication Modules (PAM) ist eine Sammlung von Bibliotheken, die es einem Linux-Systemadministrator erm\u00f6glichen, Methoden zur Authentifizierung von Benutzern zu konfigurieren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in PAM ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1339 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1339.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1339 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1339"
},
{
"category": "external",
"summary": "Linux-PAM 1.7.1 Release vom 2025-06-17",
"url": "https://github.com/linux-pam/linux-pam/releases/tag/v1.7.1"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-f9p8-gjr4-j9gx vom 2025-06-17",
"url": "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7580-1 vom 2025-06-18",
"url": "https://ubuntu.com/security/notices/USN-7580-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02013-1 vom 2025-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021575.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-432B207745 vom 2025-06-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-432b207745"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9526 vom 2025-06-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-9526.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9526 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9526"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9526 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9526"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20427-1 vom 2025-06-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021679.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20441-1 vom 2025-06-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021724.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10024 vom 2025-07-01",
"url": "https://access.redhat.com/errata/RHSA-2025:10024"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10027 vom 2025-07-01",
"url": "https://access.redhat.com/errata/RHSA-2025:10027"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10027 vom 2025-07-01",
"url": "https://linux.oracle.com/errata/ELSA-2025-10027.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10180 vom 2025-07-02",
"url": "https://access.redhat.com/errata/RHSA-2025:10180"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10354 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10354"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10358 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10358"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10362 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10362"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10359 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10359"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10357 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10357"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10361 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10361"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10735 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11386 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7240431 vom 2025-07-23",
"url": "https://www.ibm.com/support/pages/node/7240431"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2950 vom 2025-08-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2950.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202508-01 vom 2025-08-06",
"url": "https://security.gentoo.org/glsa/202508-01"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241565 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241565"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241589 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241589"
}
],
"source_lang": "en-US",
"title": "PAM: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2025-08-06T22:00:00.000+00:00",
"generator": {
"date": "2025-08-07T08:34:24.044+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1339",
"initial_release_date": "2025-06-17T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu, SUSE und Fedora aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-01T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-07-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-23T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-08-05T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cLTS 12.0.14",
"product": {
"name": "IBM App Connect Enterprise \u003cLTS 12.0.14",
"product_id": "T045928"
}
},
{
"category": "product_version",
"name": "LTS 12.0.14",
"product": {
"name": "IBM App Connect Enterprise LTS 12.0.14",
"product_id": "T045928-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:lts_12.0.14"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13",
"product_id": "T045828"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13",
"product_id": "T045828-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up13"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.7.1",
"product": {
"name": "Open Source PAM \u003c1.7.1",
"product_id": "T044677"
}
},
{
"category": "product_version",
"name": "1.7.1",
"product": {
"name": "Open Source PAM 1.7.1",
"product_id": "T044677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:kernel:linux-pam:1.7.1"
}
}
}
],
"category": "product_name",
"name": "PAM"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "T025742",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.10"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.11",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11",
"product_id": "T025990",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.11"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "T026435",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.12"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6020",
"product_status": {
"known_affected": [
"67646",
"T045828",
"T012167",
"T045928",
"T004914",
"74185",
"T044677",
"T002207",
"T000126",
"398363",
"T025742",
"T026435",
"T021398",
"T025990"
]
},
"release_date": "2025-06-17T22:00:00.000+00:00",
"title": "CVE-2025-6020"
}
]
}
fkie_cve-2025-6020
Vulnerability from fkie_nvd
Published
2025-06-17 13:15
Modified
2025-07-21 20:15
Severity ?
Summary
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10024 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10027 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10180 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10354 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10357 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10358 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10359 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10361 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10362 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10735 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10823 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:11386 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:11487 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:9526 | ||
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2025-6020 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2372512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/06/17/1 |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en linux-pam. El m\u00f3dulo pam_namespace puede acceder a rutas controladas por el usuario sin la protecci\u00f3n adecuada, lo que permite a los usuarios locales elevar sus privilegios a root mediante m\u00faltiples ataques de enlace simb\u00f3lico y condiciones de ejecuci\u00f3n."
}
],
"id": "CVE-2025-6020",
"lastModified": "2025-07-21T20:15:42.027",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2025-06-17T13:15:21.660",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10024"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10027"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10180"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10354"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10357"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10358"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10359"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10361"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10362"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:11487"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:9526"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2025/06/17/1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
opensuse-su-2025:15256-1
Vulnerability from csaf_opensuse
Published
2025-07-03 00:00
Modified
2025-07-03 00:00
Summary
pam-1.7.1-1.1 on GA media
Notes
Title of the patch
pam-1.7.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the pam-1.7.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15256
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "pam-1.7.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the pam-1.7.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15256",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15256-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6020/"
}
],
"title": "pam-1.7.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15256-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pam-1.7.1-1.1.aarch64",
"product": {
"name": "pam-1.7.1-1.1.aarch64",
"product_id": "pam-1.7.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam-32bit-1.7.1-1.1.aarch64",
"product": {
"name": "pam-32bit-1.7.1-1.1.aarch64",
"product_id": "pam-32bit-1.7.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam-devel-1.7.1-1.1.aarch64",
"product": {
"name": "pam-devel-1.7.1-1.1.aarch64",
"product_id": "pam-devel-1.7.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam-devel-32bit-1.7.1-1.1.aarch64",
"product": {
"name": "pam-devel-32bit-1.7.1-1.1.aarch64",
"product_id": "pam-devel-32bit-1.7.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.7.1-1.1.ppc64le",
"product": {
"name": "pam-1.7.1-1.1.ppc64le",
"product_id": "pam-1.7.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam-32bit-1.7.1-1.1.ppc64le",
"product": {
"name": "pam-32bit-1.7.1-1.1.ppc64le",
"product_id": "pam-32bit-1.7.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam-devel-1.7.1-1.1.ppc64le",
"product": {
"name": "pam-devel-1.7.1-1.1.ppc64le",
"product_id": "pam-devel-1.7.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam-devel-32bit-1.7.1-1.1.ppc64le",
"product": {
"name": "pam-devel-32bit-1.7.1-1.1.ppc64le",
"product_id": "pam-devel-32bit-1.7.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.7.1-1.1.s390x",
"product": {
"name": "pam-1.7.1-1.1.s390x",
"product_id": "pam-1.7.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pam-32bit-1.7.1-1.1.s390x",
"product": {
"name": "pam-32bit-1.7.1-1.1.s390x",
"product_id": "pam-32bit-1.7.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pam-devel-1.7.1-1.1.s390x",
"product": {
"name": "pam-devel-1.7.1-1.1.s390x",
"product_id": "pam-devel-1.7.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pam-devel-32bit-1.7.1-1.1.s390x",
"product": {
"name": "pam-devel-32bit-1.7.1-1.1.s390x",
"product_id": "pam-devel-32bit-1.7.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam-1.7.1-1.1.x86_64",
"product": {
"name": "pam-1.7.1-1.1.x86_64",
"product_id": "pam-1.7.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-32bit-1.7.1-1.1.x86_64",
"product": {
"name": "pam-32bit-1.7.1-1.1.x86_64",
"product_id": "pam-32bit-1.7.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-devel-1.7.1-1.1.x86_64",
"product": {
"name": "pam-devel-1.7.1-1.1.x86_64",
"product_id": "pam-devel-1.7.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam-devel-32bit-1.7.1-1.1.x86_64",
"product": {
"name": "pam-devel-32bit-1.7.1-1.1.x86_64",
"product_id": "pam-devel-32bit-1.7.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-1.7.1-1.1.aarch64"
},
"product_reference": "pam-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-1.7.1-1.1.ppc64le"
},
"product_reference": "pam-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-1.7.1-1.1.s390x"
},
"product_reference": "pam-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-1.7.1-1.1.x86_64"
},
"product_reference": "pam-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.aarch64"
},
"product_reference": "pam-32bit-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.ppc64le"
},
"product_reference": "pam-32bit-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.s390x"
},
"product_reference": "pam-32bit-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-32bit-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.x86_64"
},
"product_reference": "pam-32bit-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-1.7.1-1.1.aarch64"
},
"product_reference": "pam-devel-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-1.7.1-1.1.ppc64le"
},
"product_reference": "pam-devel-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-1.7.1-1.1.s390x"
},
"product_reference": "pam-devel-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-1.7.1-1.1.x86_64"
},
"product_reference": "pam-devel-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.aarch64"
},
"product_reference": "pam-devel-32bit-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.ppc64le"
},
"product_reference": "pam-devel-32bit-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.s390x"
},
"product_reference": "pam-devel-32bit-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam-devel-32bit-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.x86_64"
},
"product_reference": "pam-devel-32bit-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6020"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:pam-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6020",
"url": "https://www.suse.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "SUSE Bug 1244509 for CVE-2025-6020",
"url": "https://bugzilla.suse.com/1244509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:pam-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:pam-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-32bit-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-devel-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:pam-devel-32bit-1.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-6020"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…