Unrated severityNVD Advisory· Published Jan 24, 2011· Updated Apr 29, 2026
CVE-2010-3316
CVE-2010-3316
Description
The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.
Affected products
23cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*range: <=1.1.1
- cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- openwall.com/lists/oss-security/2010/09/21/3nvdPatch
- openwall.com/lists/oss-security/2010/09/21/8nvdPatch
- openwall.com/lists/oss-security/2010/09/27/4nvdPatch
- openwall.com/lists/oss-security/2010/09/27/5nvdPatch
- openwall.com/lists/oss-security/2010/09/27/7nvdPatch
- openwall.com/lists/oss-security/2010/10/25/2nvdPatch
- www.openwall.com/lists/oss-security/2010/09/24/2nvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- lists.vmware.com/pipermail/security-announce/2011/000126.htmlnvd
- openwall.com/lists/oss-security/2010/08/16/2nvd
- openwall.com/lists/oss-security/2010/09/27/10nvd
- secunia.com/advisories/49711nvd
- security.gentoo.org/glsa/glsa-201206-31.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2010-0819.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0891.htmlnvd
- www.securityfocus.com/archive/1/516909/100/0/threadednvd
- www.vmware.com/security/advisories/VMSA-2011-0004.htmlnvd
- www.vupen.com/english/advisories/2011/0606nvd
- sourceforge.net/tracker/nvd
News mentions
0No linked articles in our index yet.