CVE-2017-12424 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-12424 Interim 1 20 2025-03-25T00:50:14Z current 2021-05-30T13:59:46Z 2025-03-25T00:50:14Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-12424 In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2020-January/006341.html E-Mail link for SUSE-CU-2019:695-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006379.html E-Mail link for SUSE-CU-2019:706-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006369.html E-Mail link for SUSE-CU-2019:708-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006364.html E-Mail link for SUSE-CU-2019:710-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006372.html E-Mail link for SUSE-CU-2019:712-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006376.html E-Mail link for SUSE-CU-2019:714-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006361.html E-Mail link for SUSE-CU-2019:716-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006360.html E-Mail link for SUSE-CU-2019:719-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006373.html E-Mail link for SUSE-CU-2019:721-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006371.html E-Mail link for SUSE-CU-2019:723-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006366.html E-Mail link for SUSE-CU-2019:725-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006378.html E-Mail link for SUSE-CU-2019:727-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006367.html E-Mail link for SUSE-CU-2019:729-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006368.html E-Mail link for SUSE-CU-2019:731-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006370.html E-Mail link for SUSE-CU-2019:733-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006365.html E-Mail link for SUSE-CU-2019:738-1 https://lists.suse.com/pipermail/sle-security-updates/2017-November/003379.html E-Mail link for SUSE-SU-2017:2947-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Container caasp/v4/default-http-backend:beta1 Container caasp/v4/dnsmasq-nanny:2.78 Container caasp/v4/flannel:0.9.1 Container caasp/v4/haproxy:beta1 Container caasp/v4/kubedns:beta1 Container caasp/v4/nginx-ingress-controller:beta1 Container caasp/v4/openldap:beta1 Container caasp/v4/pause:1.0.0 Container caasp/v4/pv-recycler-node:8.25 Container caasp/v4/salt-api:beta1 Container caasp/v4/salt-master:beta1 Container caasp/v4/salt-minion:beta1 Container caasp/v4/sidecar:beta1 Container caasp/v4/velum:4.0.0 Container suse/sles12sp3:12.16 Container suse/sles12sp4:14.28 Image SLES12-SP4-Azure-BYOS Image SLES12-SP4-EC2-HVM-BYOS Image SLES12-SP4-GCE-BYOS Image SLES12-SP4-OCI-BYOS Image SLES12-SP4-SAP-Azure Image SLES12-SP4-SAP-Azure-BYOS Image SLES12-SP4-SAP-Azure-LI-BYOS-Production Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production Image SLES12-SP4-SAP-EC2-HVM Image SLES12-SP4-SAP-EC2-HVM-BYOS Image SLES12-SP4-SAP-GCE Image SLES12-SP4-SAP-GCE-BYOS Image SLES12-SP4-SAP-OCI-BYOS SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP5 shadow-4.2.1-27.19.1 shadow-4.2.1-27.3.3 shadow-4.2.1-34.20 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/default-http-backend:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/dnsmasq-nanny:2.78 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/flannel:0.9.1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/haproxy:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/kubedns:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/nginx-ingress-controller:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/openldap:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/pause:1.0.0 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/pv-recycler-node:8.25 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/salt-api:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/salt-master:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/salt-minion:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/sidecar:beta1 shadow-4.2.1-27.3.3 as a component of Container caasp/v4/velum:4.0.0 shadow-4.2.1-27.3.3 as a component of Container suse/sles12sp3:12.16 shadow-4.2.1-27.3.3 as a component of Container suse/sles12sp4:14.28 shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-Azure-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-EC2-HVM-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-GCE-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-OCI-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-Azure shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-Azure-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-Azure-LI-BYOS-Production shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-EC2-HVM shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-EC2-HVM-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-GCE shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-GCE-BYOS shadow-4.2.1-27.3.3 as a component of Image SLES12-SP4-SAP-OCI-BYOS shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 shadow-4.2.1-27.19.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 shadow-4.2.1-34.20 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Server 12 SP2 shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Server 12 SP3 shadow-4.2.1-27.19.1 as a component of SUSE Linux Enterprise Server 12 SP4 shadow-4.2.1-34.20 as a component of SUSE Linux Enterprise Server 12 SP5 shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 shadow-4.2.1-27.3.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 shadow-4.2.1-34.20 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts. CVE-2017-12424 Container caasp/v4/default-http-backend:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/dnsmasq-nanny:2.78:shadow-4.2.1-27.3.3 Container caasp/v4/flannel:0.9.1:shadow-4.2.1-27.3.3 Container caasp/v4/haproxy:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/kubedns:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/nginx-ingress-controller:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/openldap:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/pause:1.0.0:shadow-4.2.1-27.3.3 Container caasp/v4/pv-recycler-node:8.25:shadow-4.2.1-27.3.3 Container caasp/v4/salt-api:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/salt-master:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/salt-minion:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/sidecar:beta1:shadow-4.2.1-27.3.3 Container caasp/v4/velum:4.0.0:shadow-4.2.1-27.3.3 Container suse/sles12sp3:12.16:shadow-4.2.1-27.3.3 Container suse/sles12sp4:14.28:shadow-4.2.1-27.3.3 Image SLES12-SP4-Azure-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-EC2-HVM-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-GCE-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-OCI-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-Azure:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-Azure-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-EC2-HVM:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-EC2-HVM-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-GCE:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-GCE-BYOS:shadow-4.2.1-27.3.3 Image SLES12-SP4-SAP-OCI-BYOS:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Desktop 12 SP2:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Desktop 12 SP3:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Desktop 12 SP4:shadow-4.2.1-27.19.1 SUSE Linux Enterprise High Performance Computing 12 SP5:shadow-4.2.1-34.20 SUSE Linux Enterprise Server 12 SP2:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Server 12 SP3:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Server 12 SP4:shadow-4.2.1-27.19.1 SUSE Linux Enterprise Server 12 SP5:shadow-4.2.1-34.20 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:shadow-4.2.1-27.3.3 SUSE Linux Enterprise Server for SAP Applications 12 SP5:shadow-4.2.1-34.20 moderate 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P 7 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H