Main Vulnerability Database Exploits ID:12407 - Exploit for Configuration in pam-32bit - CVE-2025-6018

ID:12407 - Exploit for Configuration in pam-32bit - CVE-2025-6018

Published: February 13, 2026

Vulnerability identifier: #VU111387

Vulnerability risk: Low

CVE-ID: CVE-2025-6018

CWE-ID: CWE-16

Exploitation vector: Local access

Vulnerable software:
pam-32bit

Link to public exploit:

https://github.com/0rionCollector/Exploit-Chain-CVE-2025-6018-6019

Vulnerability description

The issue may allow a local user to escalate privileges on the system.

The issue exists due an error in the PAM configuration of openSUSE Leap 15 and SUSE Linux Enterprise 15. An unprivileged user who logs in via sshd can force the pam_env module to add arbitrary variables to PAM's environment, leading to arbitrary code execution as root.

Remediation

Install updates from vendor's website.

ID:12407 - Exploit for Configuration in pam-32bit - CVE-2025-6018

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human