CVE-2010-3431
NONE EPSS 26.9%
Published: Jan 24, 2011
Last Modified: Jun 16, 2026
Description
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
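The unchecked call named in the description, beside a checked form, as an added C example (not code from Linux-PAM or from this page). The function names and the sample uid 65534 are assumptions for illustration; the check relies on setfsuid(2) returning the previous fsuid on both success and failure.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/fsuid.h>
#include <sys/types.h>
#include <unistd.h>

/* Unchecked pattern from the CVE text: the return value is ignored, so a
 * failed switch goes unnoticed and later file access keeps the caller's
 * original fsuid. */
void drop_fsuid_unchecked(uid_t uid)
{
    setfsuid(uid);
}

/* Checked form. setfsuid() returns the previous fsuid whether or not it
 * succeeded, so one call cannot report an error. A second call with the
 * same uid returns the fsuid now in effect, which equals uid only if the
 * switch happened. Returns 0 on success, -1 on failure; *saved receives
 * the fsuid that was in effect before the call. */
int drop_fsuid_checked(uid_t uid, uid_t *saved)
{
    uid_t prev = (uid_t)setfsuid(uid);
    if (saved)
        *saved = prev;
    return (uid_t)setfsuid(uid) == uid ? 0 : -1;
}

/* Read the fsuid without changing it: (uid_t)-1 is never a valid target. */
uid_t current_fsuid(void)
{
    return (uid_t)setfsuid((uid_t)-1);
}

int main(void)
{
    uid_t target = 65534;            /* constructed sample uid (assumption) */
    uid_t start = current_fsuid();
    uid_t saved;

    drop_fsuid_unchecked(target);    /* caller cannot tell if this worked */
    printf("unchecked: wanted %u, fsuid is %u\n",
           (unsigned)target, (unsigned)current_fsuid());
    drop_fsuid_checked(start, NULL); /* back to the starting fsuid */

    if (drop_fsuid_checked(target, &saved) != 0) {
        fprintf(stderr, "fsuid switch failed; not opening user files\n");
        return 1;
    }
    /* user-controlled files would be opened here, then fsuid restored */
    return drop_fsuid_checked(saved, NULL) == 0 ? 0 : 1;
}
```

Run without CAP_SETUID, the unchecked call leaves the fsuid unchanged and the checked call returns -1, which is the condition a privilege-dropping caller has to treat as fatal before touching files in a user's home directory.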
Threat Intelligence
EPSS Exploit Probability
26.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux-pam | linux-pam | 1.1.2 | any |
References 16
- git.altlinux.org http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/10
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/3
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/8
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/9
- openwall.com http://openwall.com/lists/oss-security/2010/09/27/10
- openwall.com http://openwall.com/lists/oss-security/2010/09/27/4
- openwall.com http://openwall.com/lists/oss-security/2010/09/27/5
- openwall.com http://openwall.com/lists/oss-security/2010/09/27/7
- openwall.com http://openwall.com/lists/oss-security/2010/10/03/1
- openwall.com http://openwall.com/lists/oss-security/2010/10/25/2
- secunia.com http://secunia.com/advisories/49711
- security.gentoo.org http://security.gentoo.org/glsa/glsa-201206-31.xml
- openwall.com http://www.openwall.com/lists/oss-security/2010/09/21/11
- openwall.com http://www.openwall.com/lists/oss-security/2010/09/24/2
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=641361
Remediation
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/10
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/3
- openwall.com http://openwall.com/lists/oss-security/2010/09/21/8
- openwall.com http://openwall.com/lists/oss-security/2010/09/27/4
- openwall.com http://openwall.com/lists/oss-security/2010/10/03/1
- openwall.com http://openwall.com/lists/oss-security/2010/10/25/2
- openwall.com http://www.openwall.com/lists/oss-security/2010/09/21/11
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=641361