pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-01-24T17:00:00

Updated: 2024-08-07T03:26:12.299Z

Reserved: 2010-10-08T00:00:00

Link: CVE-2010-3853

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-01-24T18:00:02.173

Modified: 2024-11-21T01:19:45.497

Link: CVE-2010-3853

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-10-22T00:00:00Z

Links: CVE-2010-3853 - Bugzilla