CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 2CVE-2023-29383
https://notcve.org/view.php?id=CVE-2023-29383
14 Apr 2023 — In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to ... • https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-125: Out-of-bounds Read •