Permissions, Privileges, and Access Controls in shadow - CVE-2024-56433
Published: July 17, 2025
Vulnerability identifier: #VU113028
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:U/U:Green
CVE-ID: CVE-2024-56433
CWE-ID: CWE-264
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Mark Florian
Affected software:
shadow
shadow
Detailed vulnerability description
The vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to shadow-utils establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users).
How to mitigate CVE-2024-56433
Install updates from vendor's website.