feature: linux - CVE-2025-6018 - LPE via pam_env allow_active spoofing #128

@hyde-repo

Description

Add CVE‑2025‑6018 to the inventory.

A PAM configuration flaw in SUSE Linux (pam_env with user_readenv) allows unprivileged SSH users to impersonate physical “allow_active” users. This grants access to polkit actions normally reserved for console users.

Section: ctf/system/linux/
Type: privilege escalation / polkit context spoofing
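
A defender's check for the setting named in this issue, as an added example that is not part of the original issue or the repository: it scans PAM service files in `/etc/pam.d` format for rules that load pam_env with `user_readenv=1`. The sample file is constructed and the function names are hypothetical; the check reports only an explicit `user_readenv=1` and does not try to determine the module's default on the installed PAM version.

```python
import re
from pathlib import Path

# Constructed sample in /etc/pam.d format (not taken from a real system).
SAMPLE = """\
#%PAM-1.0
# session optional pam_env.so user_readenv=1   (commented out)
auth     required   pam_env.so
session  optional   pam_env.so \\
         user_readenv=1 conffile=/etc/security/pam_env.conf
session  [success=1 default=ignore] pam_env.so user_readenv=0
-session optional   pam_systemd.so
"""

def logical_lines(text):
    """Yield (first_line_no, rule) with comments dropped and continuations joined."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = start or no
        part = raw.split("#", 1)[0].rstrip()
        if part.endswith("\\"):          # rule continues on the next physical line
            buf += part[:-1] + " "
            continue
        line = (buf + part).strip()
        if line:
            yield start, line
        buf, start = "", None

def parse_rule(line):
    """Split 'type control module args'; the control may be a bracketed [k=v ...] list."""
    m = re.match(r"-?\w+\s+(?:\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)", line)
    return (m.group(1), m.group(2).split()) if m else None

def find_user_readenv(text):
    """Return (line_no, rule) for every rule loading pam_env with user_readenv=1."""
    hits = []
    for no, line in logical_lines(text):
        rule = parse_rule(line)
        if rule and Path(rule[0]).name == "pam_env.so" and "user_readenv=1" in rule[1]:
            hits.append((no, line))
    return hits

def audit_dir(pam_dir="/etc/pam.d"):
    """Map each service file under pam_dir to its findings; clean files are omitted."""
    files = (p for p in sorted(Path(pam_dir).iterdir()) if p.is_file())
    found = {p.name: find_user_readenv(p.read_text(errors="replace")) for p in files}
    return {name: hits for name, hits in found.items() if hits}
```

Calling `audit_dir()` with no argument reads the live `/etc/pam.d`; each finding names the service file and the line where the rule starts.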
