CVE-2025-6020

ADVISORY - nist

Summary

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

EPSS Score⁠: 0.00018 (0.029)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.