It was found that libuser, as used in the chfn userhelper functionality, does not properly filter out newline characters, which allows an authenticated local attacker to corrupt the /etc/passwd file and cause denial-of-service against the system. A flaw was found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root