CVE-2023-4641

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.

Published: Dec 27, 2023
Updated: Jan 5, 2024
CVE: CVE-2023-4641
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
shadow-maint / shadow-utils	-	4.14.0
redhat / enterprise_linux	8.0	8.0.x
redhat / codeready_linux_builder	8.0	8.0.x
redhat / enterprise_linux	9.0	9.0.x
redhat / enterprise_linux_for_arm_64	9.0	9.0.x
redhat / enterprise_linux_for_arm_64	8.0	8.0.x
redhat / codeready_linux_builder_for_ibm_z_systems	9.0_s390x	9.0_s390x.x
redhat / codeready_linux_builder_for_arm64	9.0_aarch64	9.0_aarch64.x
redhat / enterprise_linux_for_power_little_endian	8.0_ppc64le	8.0_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems	8.0_s390x	8.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian	9.0_ppc64le	9.0_ppc64le.x
redhat / codeready_linux_builder	9.0	9.0.x
redhat / enterprise_linux_for_power_little_endian	9.0_ppc64le	9.0_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems	9.0_s390x	9.0_s390x.x
redhat / codeready_linux_builder_for_ibm_z_systems	8.0_s390x	8.0_s390x.x
redhat / codeready_linux_builder_for_arm64	8.0_aarch64	8.0_aarch64.x
redhat / codeready_linux_builder_for_power_little_endian	8.0_ppc64le	8.0_ppc64le.x

Vulnerability Database

289,599

CVE-2023-4641