PAM could be made to run programs as an administrator.
Software Description:
- pam: Pluggable Authentication Modules
Details:
Olivier BAL-PETRE discovered that the PAM pam_namespace module incorrectly
handled user-controlled paths. In environments where pam_namespace is used,
a local attacker could possibly use this issue to escalate their privileges
to root.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libpam-modules 1.5.3-7ubuntu4.3 Ubuntu 24.10 libpam-modules 1.5.3-7ubuntu2.3 Ubuntu 24.04 LTS libpam-modules 1.5.3-5ubuntu5.4 Ubuntu 22.04 LTS libpam-modules 1.4.0-11ubuntu2.6 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-7580-1
CVE-2025-6020
Get the latest Linux and open source security news straight to your inbox.