It was discovered that shadow was not properly sanitizing memory when
running the password utility. An attacker could possibly use this issue
to retrieve a password from memory, exposing sensitive information.

Read More