Incorrect Authorization in linux-pam/linux-pam | CVE-2025-6018

Q: How to fix?

Upgrade linux-pam/linux-pam to version 1.5.0 or higher.

Threat Intelligence

Proof of Concept

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Incorrect Authorization vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-UNMANAGED-LINUXPAMLINUXPAM-10774351
published18 Jul 2025
disclosed17 Jun 2025
creditAlexander Bergmann, Thomas Blume, Valentin Lefebvre, Patrick Del Bello, Marco Benatto, Tomas Bzatek

Report a new vulnerability Found a mistake?

Introduced: 17 Jun 2025

CVE-2025-6018 (opens in a new tab) CWE-863 (opens in a new tab)

How to fix?

Upgrade linux-pam/linux-pam to version 1.5.0 or higher.

Overview

Affected versions of this package are vulnerable to Incorrect Authorization via improper enforcement of access controls in the pam_env module. An attacker can gain elevated privileges by exploiting this weakness to perform actions typically restricted to users with physical console access, potentially allowing unauthorized control over system configurations, services, or other sensitive operations.

##Workaround

For the users of Linux-PAM <=1.4.0 it is recommended to set pam_env parameter user_readenv to 0. It is set to 0 by default since Linux-PAM 1.4.0. In the version 1.5.0 the functionality is deprecated.

References

CVSS Base Scores

version 4.0

version 3.1

Attack Vector (AV)
Local
Attack Complexity (AC)
Low
Attack Requirements (AT)
None
Privileges Required (PR)
Low
User Interaction (UI)
None

Confidentiality (VC)
High
Integrity (VI)
High
Availability (VA)
High

Confidentiality (SC)
None
Integrity (SI)
None
Availability (SA)
None

Incorrect Authorization Affecting linux-pam/linux-pam package, versions [,1.5.0)

Severity