Linux · Shadow · CVE-2019-19882
**Name of the Vulnerable Software and Affected Versions**
shadow version 4.8
**Description**
The issue allows local users to obtain root access due to misconfigured setuid programs. This specifically affects shadow 4.8 when compiled with `--with-libpam` but without `--disable-account-tools-setuid` and without a suitable PAM configuration for setuid account management tools. As a result, account management tools such as `groupadd`, `groupdel`, `groupmod`, `useradd`, `userdel`, and `usermod` can be used by unprivileged local users to escalate privileges to root in multiple ways.
**Recommendations**
For shadow version 4.8, consider recompiling with `--disable-account-tools-setuid`, or ensure a suitable PAM configuration is in place for the setuid account management tools, to prevent privilege escalation. As a temporary workaround, consider restricting access to the account management tools until a properly configured version is available.
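
A small audit for the condition described above, added here as an example and not taken from the shadow project: it lists which of the six account tools carry the setuid bit and which of those have no PAM service file. The function names, the searched directories, and the assumption that each tool's PAM service file sits under `/etc/pam.d` and is named after the tool are this example's own; clearing the setuid bit is shown as one possible way to apply the temporary restriction.

```shell
#!/bin/sh
# Added example (not from the shadow project): audit the six account tools
# named in the advisory. Function names and directories are assumptions.
TOOLS="groupadd groupdel groupmod useradd userdel usermod"

# Print every account tool under the given directories that has the setuid bit.
find_setuid_account_tools() {
    for dir in "$@"; do
        for tool in $TOOLS; do
            path="$dir/$tool"
            if [ -f "$path" ] && [ -u "$path" ]; then
                printf '%s\n' "$path"
            fi
        done
    done
}

# Print the name of each given tool that has no PAM service file in PAM_DIR.
# Assumption: the service file is named after the tool. A file being present
# does not prove its rules are suitable; a missing file is the clear red flag.
missing_pam_service() {
    pam_dir=$1
    shift
    for path in "$@"; do
        name=${path##*/}
        if [ ! -f "$pam_dir/$name" ]; then
            printf '%s\n' "$name"
        fi
    done
}

# Temporary restriction (one possible method): drop the setuid bit so the
# tools no longer run with elevated privilege. Not called automatically.
clear_setuid_bits() {
    for path in "$@"; do
        chmod u-s "$path"
    done
}

# Stand-alone run: report only, change nothing.
found=$(find_setuid_account_tools /usr/sbin /usr/bin /sbin /bin)
if [ -n "$found" ]; then
    printf 'setuid account tools:\n%s\n' "$found"
    # Word splitting on $found is intended (one path per line, no spaces).
    missing=$(missing_pam_service /etc/pam.d $found)
    if [ -n "$missing" ]; then
        printf 'no PAM service file for:\n%s\n' "$missing"
    fi
fi
```

An empty report means none of the six tools is setuid in the searched directories; any tool listed as lacking a PAM service file should be treated as exposed until it is rebuilt or restricted.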