A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "priority_reason": "Unlikely attack scenario", "binaries": [ { "binary_name": "login", "binary_version": "1:4.1.5.1-1ubuntu9.5+esm4" }, { "binary_name": "login-dbgsym", "binary_version": "1:4.1.5.1-1ubuntu9.5+esm4" }, { "binary_name": "passwd", "binary_version": "1:4.1.5.1-1ubuntu9.5+esm4" }, { "binary_name": "passwd-dbgsym", "binary_version": "1:4.1.5.1-1ubuntu9.5+esm4" }, { "binary_name": "uidmap", "binary_version": "1:4.1.5.1-1ubuntu9.5+esm4" }, { "binary_name": "uidmap-dbgsym", "binary_version": "1:4.1.5.1-1ubuntu9.5+esm4" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "priority_reason": "Unlikely attack scenario", "binaries": [ { "binary_name": "login", "binary_version": "1:4.2-3.1ubuntu5.5+esm4" }, { "binary_name": "login-dbgsym", "binary_version": "1:4.2-3.1ubuntu5.5+esm4" }, { "binary_name": "passwd", "binary_version": "1:4.2-3.1ubuntu5.5+esm4" }, { "binary_name": "passwd-dbgsym", "binary_version": "1:4.2-3.1ubuntu5.5+esm4" }, { "binary_name": "uidmap", "binary_version": "1:4.2-3.1ubuntu5.5+esm4" }, { "binary_name": "uidmap-dbgsym", "binary_version": "1:4.2-3.1ubuntu5.5+esm4" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "priority_reason": "Unlikely attack scenario", "binaries": [ { "binary_name": "login", "binary_version": "1:4.5-1ubuntu2.5+esm1" }, { "binary_name": "login-dbgsym", "binary_version": "1:4.5-1ubuntu2.5+esm1" }, { "binary_name": "passwd", "binary_version": "1:4.5-1ubuntu2.5+esm1" }, { "binary_name": "passwd-dbgsym", "binary_version": "1:4.5-1ubuntu2.5+esm1" }, { "binary_name": "uidmap", "binary_version": "1:4.5-1ubuntu2.5+esm1" }, { "binary_name": "uidmap-dbgsym", "binary_version": "1:4.5-1ubuntu2.5+esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "Unlikely attack scenario", "binaries": [ { "binary_name": "login", "binary_version": "1:4.8.1-1ubuntu5.20.04.5" }, { "binary_name": "login-dbgsym", "binary_version": "1:4.8.1-1ubuntu5.20.04.5" }, { "binary_name": "passwd", "binary_version": "1:4.8.1-1ubuntu5.20.04.5" }, { "binary_name": "passwd-dbgsym", "binary_version": "1:4.8.1-1ubuntu5.20.04.5" }, { "binary_name": "uidmap", "binary_version": "1:4.8.1-1ubuntu5.20.04.5" }, { "binary_name": "uidmap-dbgsym", "binary_version": "1:4.8.1-1ubuntu5.20.04.5" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "Unlikely attack scenario", "binaries": [ { "binary_name": "login", "binary_version": "1:4.8.1-2ubuntu2.2" }, { "binary_name": "login-dbgsym", "binary_version": "1:4.8.1-2ubuntu2.2" }, { "binary_name": "passwd", "binary_version": "1:4.8.1-2ubuntu2.2" }, { "binary_name": "passwd-dbgsym", "binary_version": "1:4.8.1-2ubuntu2.2" }, { "binary_name": "uidmap", "binary_version": "1:4.8.1-2ubuntu2.2" }, { "binary_name": "uidmap-dbgsym", "binary_version": "1:4.8.1-2ubuntu2.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "Unlikely attack scenario", "binaries": [ { "binary_name": "libsubid-dev", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "libsubid4", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "libsubid4-dbgsym", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "login", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "login-dbgsym", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "passwd", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "passwd-dbgsym", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "uidmap", "binary_version": "1:4.13+dfsg1-3ubuntu1" }, { "binary_name": "uidmap-dbgsym", "binary_version": "1:4.13+dfsg1-3ubuntu1" } ] }