Jump to:

Jump to:

Package shadow updated to version 4.2.1-alt7.M80P.1 for branch p8 in task 179286.

Published: 2017-02-17
Modified: 2025-04-20

CVE-2016-6252

Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.

Severity: MEDIUM (4.6) Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Version: 2.1.2

Package shadow update in p8 on 2017-03-13