Unrated severityOSV Advisory· Published Dec 27, 2023· Updated Nov 3, 2025
Shadow-utils: possible password leak during passwd(1) change
CVE-2023-4641
Description
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
33- Range: 4.10, 4.12, 4.12.1, …
- osv-coords31 versionspkg:rpm/almalinux/shadow-utilspkg:rpm/almalinux/shadow-utils-subidpkg:rpm/almalinux/shadow-utils-subid-develpkg:rpm/opensuse/shadow&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/shadow&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/shadow&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/shadow&distro=openSUSE%20Tumbleweedpkg:rpm/suse/shadow&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/shadow&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/shadow&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/shadow&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/shadow&distro=SUSE%20Manager%20Server%204.2
< 2:4.9-8.el9+ 30 more
- (no CPE)range: < 2:4.9-8.el9
- (no CPE)range: < 2:4.9-8.el9
- (no CPE)range: < 2:4.9-8.el9
- (no CPE)range: < 4.8.1-150400.10.12.1
- (no CPE)range: < 4.8.1-150400.10.12.1
- (no CPE)range: < 4.17.2-150600.17.18.1
- (no CPE)range: < 4.19.2-2.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.8.1-150400.10.12.1
- (no CPE)range: < 4.8.1-150400.3.3.1
- (no CPE)range: < 4.8.1-150500.3.3.1
- (no CPE)range: < 4.8.1-150400.10.12.1
- (no CPE)range: < 4.8.1-150400.10.12.1
- (no CPE)range: < 4.17.2-150600.17.18.1
- (no CPE)range: < 4.2.1-36.6.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.2.1-36.6.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.6-150100.3.11.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.8.1-150300.4.12.1
- (no CPE)range: < 4.8.1-150300.4.12.1
Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
6- access.redhat.com/errata/RHSA-2023:6632mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2023:7112mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2024:0417mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2024:2577mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/security/cve/CVE-2023-4641mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
News mentions
0No linked articles in our index yet.