SecAlerts
CVE ListPricingSign Up
linux-pam logo

linux-pam

Security Risk Profile

41
/100
medium

Security Risk Score

Comprehensive risk assessment based on 35 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from February 24, 2009 to present

35
Total CVEs
5
Critical+High
0
Exploited
1
Unpatched

Threat Assessment

Avg CVSS
5.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
1
Critical/High
Risk Level
41/100
medium

Severity Distribution

Critical
2
High
3
Medium
16
Low
5

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
2

Age Distribution

Common Weaknesses (CWE)

1
Race Condition
2
2
Path Traversal
2
3
Buffer Overflow
2
4
Infoleak
1

Most Affected Products

1. Linux-PAM Linux-PAM254
2. ubuntu/pam7
3. IBM Cognos Analytics5
4. IBM Cognos Transformer5
5. redhat/pam4

Recent Vulnerabilities

See more →
https://seclists.org/oss-sec/2025/q2/263
unknown

CVE-2025-6019: LPE from allow_active to root in libblockdev via udisks

6/17/2025🔧 No Patch
https://seclists.org/oss-sec/2025/q2/258
unknown

pam: pam_namespace local privilege escalation (CVE-2025-6020)

6/17/2025🔧 No Patch
REDHAT-BUG-2372512
CVSS 7.0high
6/12/2025🔧 No Patch
CVE-2025-6020
CVSS 7.8EPSS 0%high

Linux-pam: linux-pam directory traversal

6/12/2025
https://seclists.org/oss-sec/2025/q1/113
unknown

pam_pkcs11: Possible Authentication Bypass in Error Situations (CVE-2025-24531)

2/6/2025🔧 No Patch
https://seclists.org/oss-sec/2025/q1/109
unknown

pam_pkcs11: Possible Authentication Bypass in Error Situations (CVE-2025-24531)

2/6/2025🔧 No Patch
https://seclists.org/oss-sec/2025/q1/27
unknown

pam-u2f: problematic PAM_IGNOturn values in pam_sm_authenticate() (CVE-2025-23013)

1/16/2025🔧 No Patch
https://seclists.org/oss-sec/2025/q1/26
unknown

pam-u2f: problematic PAM_IGNOturn values in pam_sm_authenticate() (CVE-2025-23013)

1/16/2025🔧 No Patch
https://seclists.org/oss-sec/2025/q1/25
unknown

pam-u2f: problematic PAM_IGNOturn values in pam_sm_authenticate() (CVE-2025-23013)

1/16/2025🔧 No Patch
CVE-2024-10041
CVSS 4.7medium

Pam: libpam: libpam vulnerable to read hashed password

10/16/2024

Monitor linux-pam in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

linux-pam Security Vulnerabilities & Risk Score | 35 CVEs | SecAlerts - SecAlerts