Unrated severityNVD Advisory· Published Jul 6, 2006· Updated Jun 16, 2026

CVE-2006-3378

Description

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Ubuntu/Linux11 versions
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*+ 10 more
- cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*
Ubuntu/shadowllm-create
Range: Ubuntu 5.04 through 6.06 LTS

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

CVE-2006-3378

Description

AI Insight

Affected products

Patches

Vulnerability mechanics

References

News mentions