CVE-2010-3316

Name	CVE-2010-3316
Description	The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	599832

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
pam (PTS)	jessie	1.1.8-3.1+deb8u2	fixed
	stretch	1.1.8-3.6	fixed
	buster	1.3.1-5	fixed
	bullseye	1.4.0-9+deb11u1	fixed
	bookworm	1.5.2-6+deb12u1	fixed
	sid, trixie	1.5.3-7	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
pam	source	(unstable)	1.1.2-1	unimportant		599832

Notes

partial fix http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
Not exploitable with current kernels