linux-pam:edge is vulnerable to Privilege Escalation. A flaw is found in the way it handles empty passwords for non-existing users. When the user doesn’t exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.