Several security issues were fixed in Sudo ...
Sudo could be made to possibly edit arbitrary files
if it received a specially crafted input ...
Matthieu Barjole and Victor Cutillas discovered that sudoedit in sudo, a
program designed to provide limited super user privileges to specific
users, does not properly handle '--' to separate the editor and
arguments from files to edit A local user permitted to edit certain
files can take advantage of this flaw to edit a file not permitted by
the ...
In Sudo before 1912p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process This can lead to privilege escalation Affected versions are 180 through 1912p1 The proble ...
In Sudo before 1912p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process This can lead to privilege escalation Affected versions are 180 through 1912p1 The proble ...
Synopsis
Important: sudo security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for sudo is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise Linux 82 Telecommu ...
Synopsis
Important: sudo security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for sudo is now available for Red Hat Enterprise Linux 74 Advanced Update SupportRed Hat Product Security has rated this ...
Synopsis
Important: sudo security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for sudo is now available for Red Hat Enterprise Linux 76 Advanced Update SupportRed Hat Product Security has rated this ...
概述
Important: sudo security update
类型/严重性
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
标题
An update for sudo is now available for Red Hat Enterprise Linux 77 Advanced Update Support, Red Hat Enterprise Linux 77 Telco E ...
Synopsis
Important: sudo security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for sudo is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product Security has rated this ...
Synopsis
Important: Red Hat Virtualization Host 44z SP 1 security update batch#4 (oVirt-453-4)
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for redhat-release-virtualization-host and redhat-virtualization ...
Synopsis
Important: sudo security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for sudo is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a securi ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4130 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4130 on Red Hat Enterprise Linux 9Red Hat ...
Description<!---->A vulnerability was found in sudo Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root) The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a file using sudoeditA vulnerability ...
ALAS-2023-289
Amazon Linux 2022 Security Advisory: ALAS-2023-289
Advisory Release Date: 2023-01-31 21:12 Pacific
Advisory Updated Date: 2023-01-31 21:12 Pac ...
CVE-2023-22809 Impact of Sudo Vulnerability CVE-2023-22809 ...