Issued:: 2025-07-07
Updated:: 2025-07-07

RHSA-2025:10362 - Security Advisory

Overview
Updated Packages

Synopsis

Important: pam security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pam is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Security Fix(es):

linux-pam: Linux-pam directory Traversal (CVE-2025-6020)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2372512 - CVE-2025-6020 linux-pam: Linux-pam directory Traversal

CVEs

CVE-2025-6020

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
pam-1.3.1-8.el8_2.1.src.rpm	SHA-256: 103bf04dff188fcea5bc27c128f605265c83f0ec5ab92c47ee28df250f8c62df
x86_64
pam-1.3.1-8.el8_2.1.i686.rpm	SHA-256: 0a0802796390c4797ba32eb000599adfa6e90b5a31994b76d9000d6dabf6ddc1
pam-1.3.1-8.el8_2.1.x86_64.rpm	SHA-256: 7f3319010d16cf9d1b2e5285fc57b5d4784a21845ea3bf2d70fffb460f8d86ff
pam-debuginfo-1.3.1-8.el8_2.1.i686.rpm	SHA-256: cc69c660979262a9130a94cff09d4449a768ad4d9aa0180bb7116f2b706719dc
pam-debuginfo-1.3.1-8.el8_2.1.x86_64.rpm	SHA-256: 62cb86a27e1e92c5a9279561830d9f647a93b1d7e2670abe0597eb24224892aa
pam-debugsource-1.3.1-8.el8_2.1.i686.rpm	SHA-256: f78865f64863f475f8746a13c122e79611af72d73fb545f1be507c5b80e04d31
pam-debugsource-1.3.1-8.el8_2.1.x86_64.rpm	SHA-256: 6782a7c8b2c8a11cb9f7466abbb5a02aa3ba7c178183d13f06c6be6d73193883
pam-devel-1.3.1-8.el8_2.1.i686.rpm	SHA-256: e27b7b430d58276f0ebba14c66b46b96740c5c0a3ee3335016ad42519f2f0214
pam-devel-1.3.1-8.el8_2.1.x86_64.rpm	SHA-256: 572115f8d56709f0816003aa98cc8c2805ef5a6fbca31eb682e444a617d67e6f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation