CVE-2025-8941: 
Linux Red Hat vulnerability analysis and mitigation

A critical security flaw (CVE-2025-8941) was discovered in linux-pam's pam_namespace module. The vulnerability allows local users to exploit symlink attacks and race conditions to elevate their privileges to root by improperly handling user-controlled paths. This CVE was identified as a complete fix for the previously addressed CVE-2025-6020 (Red Hat CVE, NVD).

The vulnerability is classified with a CVSS v3.1 Base Score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The flaw is categorized as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory - 'Path Traversal'). The vulnerability specifically affects the pam_namespace module's handling of user-controlled paths, which can lead to privilege escalation through symlink attacks and race conditions (Red Hat CVE).

The vulnerability allows local users to elevate their privileges to root level, potentially gaining complete control over the affected system. This represents a significant security risk as it could allow attackers to gain unauthorized administrative access to the system (NVD).

This CVE provides a complete fix for the previously identified CVE-2025-6020, addressing both the symlink and race-condition attack vectors that were only partially mitigated in the earlier fix (Bugzilla).