{"id":"CVE-2016-6252","details":"Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.","modified":"2026-03-20T11:12:21.058235Z","published":"2017-02-17T17:59:00.937Z","related":["MGASA-2017-0024","SUSE-SU-2018:1995-1","SUSE-SU-2018:1997-1","SUSE-SU-2018:1997-2"],"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/07/19/6"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/07/19/7"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/07/20/2"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/92055"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201706-02"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3793"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2016/07/25/7"},{"type":"FIX","url":"https://github.com/shadow-maint/shadow/issues/27"},{"type":"FIX","url":"https://bugzilla.suse.com/show_bug.cgi?id=979282"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/shadow-maint/shadow","events":[{"introduced":"0"},{"last_affected":"578947e6614aae91e2550c83790e79479b951e40"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.2.1"}]}}],"versions":["4.2.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6252.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}