5 matches found
CVE-2017-12424
The CVE-2017-12424 issue affects the shadow package (notably the newusers tool) across multiple distributions. A malformed input could cause internal data-structure corruption that leads to crashes or memory corruption, potentially crossing privilege boundaries in certain configurations (e.g., ho...
CVE-2016-6252
CVE-2016-6252 is an integer overflow vulnerability in shadow 4.2.1 that can let a local user gain privileges via crafted input to newuidmap. The supplied documents confirm the affected component (shadow utilities) and the root cause (integer overflow) with explicit remediation guidance to upgrade...
CVE-2023-29383
CVE-2023-29383 describes a vulnerability in Shadow 4.13 where an attacker can inject control characters into fields given to the chfn program (change finger). The issue does not enable direct exploitation (e.g., adding a user fails due to a block list), but can allow an adversary to misrepresent ...
CVE-2018-7169
CVE-2018-7169 affects shadow-tools: shadow 4.5 (shadow-utils) contains a setuid newgidmap that can place an unprivileged user in a user namespace where setgroups(2) is allowed. This enables the user to remove themselves from a supplementary group, potentially bypassing group-based access restrict...
CVE-2019-19882
CVE-2019-19882 affects Shadow 4.8 when built with --with-libpam but without --disable-account-tools-setuid and without a PAM config compatible with setuid tools, enabling local users to escalate to root via account-management utilities (groupadd, groupdel, groupmod, useradd, userdel, usermod). Th...