VYPR

rpm package

suse/pam&distro=SUSE Manager Proxy 4.3

pkg:rpm/suse/pam&distro=SUSE%20Manager%20Proxy%204.3

Vulnerabilities (3)

  • CVE-2025-6018Jul 23, 2025
    affected < 1.3.0-150000.6.83.1fixed 1.3.0-150000.6.83.1

    A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for

  • CVE-2025-6020HigJun 17, 2025
    affected < 1.3.0-150000.6.83.1fixed 1.3.0-150000.6.83.1

    A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

  • CVE-2024-22365MedFeb 6, 2024
    affected < 1.3.0-150000.6.66.1fixed 1.3.0-150000.6.66.1

    linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.