Security issue CVE-2024-2905: World-readable /etc/shadow & /etc/gshadow on Fedora CoreOS, IoT, Atomic Desktops (including Silverblue & Kinoite)

rollingflower@lemmy.kde.social to Linux@lemmy.ml – 38 points –
discussion.fedoraproject.org

Current Fedora versions that were installed as Fedora 39 are affected.

If you used an rpm-ostree version of Fedora since it was on 38 or below, and upgraded to 39, you are not affected.

The update with the fix rolls out today. As a workaround you can use this

sudo chmod --verbose 0000 /etc/shadow /etc/gshadow /etc/shadow- /etc/gshadow-

It is recommended to change all credentials stored there, i.e. at least your user(s) password(s).

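As an added example (not part of the original post or the Fedora advisory), this script checks whether the four files named in the workaround are still world-readable, for instance before and after applying the chmod or the update. The function names are hypothetical, and it assumes GNU coreutils `stat` as shipped on Fedora.

```shell
#!/bin/sh
# Added example: audit the files named in the CVE-2024-2905 workaround.
# Assumption: GNU coreutils `stat` (supports -c '%a').

# Classify one file by its permission bits.
# Prints one of: missing, stat-failed, world-readable, not-0000, ok
classify_shadow_mode() {
    [ -e "$1" ] || { echo "missing"; return 0; }   # backup files may not exist
    mode=$(stat -c '%a' "$1") || { echo "stat-failed"; return 0; }
    # The leading 0 makes the shell read the digits as an octal constant.
    if [ $(( 0$mode & 0004 )) -ne 0 ]; then
        echo "world-readable"   # the condition the CVE describes
    elif [ $(( 0$mode & 07777 )) -ne 0 ]; then
        echo "not-0000"         # differs from the mode the workaround sets
    else
        echo "ok"
    fi
}

# Audit a list of files (default: the four from the workaround).
# Prints "STATE PATH" per file; returns 1 if any file is world-readable.
audit_shadow_perms() {
    [ "$#" -gt 0 ] || set -- /etc/shadow /etc/gshadow /etc/shadow- /etc/gshadow-
    found=0
    for f in "$@"; do
        state=$(classify_shadow_mode "$f")
        printf '%-16s %s\n' "$state" "$f"
        if [ "$state" = "world-readable" ]; then
            found=1
        fi
    done
    return "$found"
}
```

Source the file and call `audit_shadow_perms` with no arguments to check the four default paths; reading the mode does not require root.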