Description
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.
CVSS Metrics
- Vector
- AV:L/AC:M/Au:N/C:C/I:C/A:C
- Access Vector
- local
- Access Cmplx
- medium
- Auth
- none
- Confidentiality
- complete
- Integrity
- complete
- Availability
- complete
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- LINUX-PAM
- Published
- 1/24/2011
- Last Modified
- 4/11/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
linux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pamlinux-pam : linux-pam
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.