Name: CVE-2025-8941

Description: A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| pam (PTS) | bullseye | 1.4.0-9+deb11u1 | undetermined |
| pam (PTS) | bullseye (security) | 1.4.0-9+deb11u2 | undetermined |
| pam (PTS) | bookworm | 1.5.2-6+deb12u2 | undetermined |
| pam (PTS) | forky, sid, trixie | 1.7.0-5 | undetermined |

The information below is based on the following data on fixed versions.

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| pam | source | (unstable) | undetermined | | | |

Notes

https://bugzilla.redhat.com/show_bug.cgi?id=2388220#c1
check likely RedHat specific incomplete fix for CVE-2025-6020, but asked to pinpoint incomplete fixes