
Cloud Vulnerability DB
A community-led vulnerabilities database
A flaw was discovered in linux-pam's pam_namespace module, which improperly handles user-controlled paths. This vulnerability, identified as CVE-2025-8941, was disclosed on August 13, 2025, and tracks the complete fix for the previously identified CVE-2025-6020. The vulnerability affects various Linux distributions, including Red Hat Enterprise Linux and Ubuntu systems (NVD, Red Hat Portal).
The vulnerability is classified as a directory traversal issue (CWE-22) with a CVSS v3.1 base score of 7.8 (High). The attack vector is local (AV:L), requiring low attack complexity (AC:L) and low privileges (PR:L), with no user interaction (UI:N) needed. The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is rated as high (C:H/I:H/A:H) (NVD, Snyk).
If exploited, this vulnerability allows local users to use symlink attacks and race conditions to elevate their privileges to root, potentially resulting in a total loss of system confidentiality, integrity, and availability (NVD, Ubuntu).
As of August 15, 2025, there is no fixed version available for the affected systems. The vulnerability is currently under evaluation for various Ubuntu releases including 25.04, 24.04 LTS, 22.04 LTS, 20.04 LTS, 18.04 LTS, 16.04 LTS, and 14.04 LTS (Ubuntu).
Security researchers have noted that this may be a Red Hat-specific incomplete-fix CVE. As of August 15, 2025, there are no additional details available, and the upstream linux-pam repository has no additional commits for the pam_namespace module (Ubuntu).
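With no fixed version available as of the dates above, a first triage step is to find which PAM services on a host actually load pam_namespace. The following Python is an added example, not code from linux-pam or from this report; it assumes service files live in `/etc/pam.d` and follow standard PAM stack syntax (including `include`, `substack` and Debian-style `@include`), and the sample files are constructed.

```python
import os
import re
import tempfile

MODULE = "pam_namespace.so"
# Constructed sample PAM service files (not taken from any real host).
SAMPLE = {
    "common-session": "session required pam_unix.so\nsession required pam_namespace.so\n",
    "sshd": "auth required pam_unix.so\n@include common-session\n",
    "login": "session include common-session\n",
    "cron": "# session required pam_namespace.so\nsession required pam_unix.so\n",
}

def parse_stack(path):
    """Yield (control, first_argument) per active '[-]type control module' rule."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read().replace("\\\n", " ")  # join backslash-continued lines
    for line in text.splitlines():
        # Drop comments; rewrite '@include X' into the generic include form.
        line = re.sub(r"^\s*@include\s+", "any include ", line.split("#", 1)[0])
        m = re.match(r"\s*-?\w+\s+(\[[^\]]*\]|\S+)\s+(\S+)", line)
        if m:
            yield m.groups()

def loads_module(pam_dir, service, seen=None):
    """True if the service's stack, following includes, loads pam_namespace."""
    seen = set() if seen is None else seen
    path = os.path.join(pam_dir, service)
    if service in seen or not os.path.isfile(path):
        return False
    seen.add(service)  # guards against include cycles
    for control, target in parse_stack(path):
        name = os.path.basename(target)
        included = control in ("include", "substack")
        if loads_module(pam_dir, name, seen) if included else name == MODULE:
            return True
    return False

def exposed_services(pam_dir="/etc/pam.d"):  # default path is an assumption
    return sorted(s for s in os.listdir(pam_dir) if loads_module(pam_dir, s))

def demo():
    with tempfile.TemporaryDirectory() as d:
        for name, body in SAMPLE.items():
            with open(os.path.join(d, name), "w", encoding="utf-8") as fh:
                fh.write(body)
        return exposed_services(d)

if __name__ == "__main__":
    print(demo())
```

Calling `exposed_services()` with no argument scans the host's own PAM directory; services it lists are the ones whose sessions reach the affected module.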
Source: This report was generated using AI