A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| secalert@redhat.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 9.0 |
| redhat | codeready_linux_builder | 8.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | codeready_linux_builder_for_arm64 | 8.0_aarch64 |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x |
| redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian | 8.0_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian | 9.0_ppc64le |
| redhat | enterprise_linux_for_power_little_endian | 9.0_ppc64le |
| redhat | enterprise_linux_for_ibm_z_systems | 9.0_s390x |
| shadow-maint | shadow-utils | * |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.0_s390x |
| redhat | codeready_linux_builder_for_arm64 | 9.0_aarch64 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 8.0_s390x |
| redhat | codeready_linux_builder | 9.0 |
| redhat | enterprise_linux_for_arm_64 | 9.0 |
| redhat | enterprise_linux_for_arm_64 | 8.0 |