Shadow · Shadow · CVE-2016-6252
**Name of the Vulnerable Software and Affected Versions**
shadow version 4.2.1
**Description**
The issue allows local users to gain privileges via crafted input to newuidmap, due to an integer overflow.
**Recommendations**
For shadow version 4.2.1, update to a version that fixes the integer overflow issue in newuidmap to prevent local users from gaining privileges.