SB2019122023 - Privilege escalation in shadow

Description

This security bulletin contains information about 1 security vulnerability.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-19882)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to missconfigured setuid programs in shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools.. A local unprivileged user can leverage groupadd, groupdel, groupmod, useradd, userdel, or usermod management tools to escalate privileges on the system to root.

The issue affects at least Gentoo, Arch Linux, and Void Linux.

Remediation

Install update from vendor's website.

References

• https://bugs.archlinux.org/task/64836
• https://bugs.gentoo.org/702252
• https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75
• https://github.com/shadow-maint/shadow/pull/199
• https://github.com/void-linux/void-packages/pull/17580