Product:

Sudo

(Sudo_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 22
Date Id Summary Products Score Patch Annotated
2022-11-02 CVE-2022-43995 Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries, compiler, and processor architecture. Sudo 7.1
2022-11-02 CVE-2022-43995 Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries, compiler, and processor architecture. Sudo 7.1
2021-01-26 CVE-2021-3156 Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. Privilege_management_for_mac, Privilege_management_for_unix\/linux, Debian_linux, Fedora, Web_gateway, Active_iq_unified_manager, Cloud_backup, Hci_management_node, Oncommand_unified_manager_core_package, Ontap_select_deploy_administration_utility, Ontap_tools, Solidfire, Communications_performance_intelligence_center, Micros_compact_workstation_3_firmware, Micros_es400_firmware, Micros_kitchen_display_system_firmware, Micros_workstation_5a_firmware, Micros_workstation_6_firmware, Tekelec_platform_distribution, Sudo, Diskstation_manager, Diskstation_manager_unified_controller, Skynas_firmware, Vs960hd_firmware 7.8
2021-01-12 CVE-2021-23239 The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. Debian_linux, Fedora, Cloud_backup, Hci_management_node, Solidfire, Sudo 2.5
2021-01-12 CVE-2021-23240 selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable. Fedora, Hci_management_node, Solidfire, Sudo 7.8
2023-01-18 CVE-2023-22809 In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim --... Macos, Debian_linux, Fedora, Sudo 7.8
2023-02-28 CVE-2023-27320 Sudo before 1.9.13p2 has a double free in the per-command chroot feature. Fedora, Sudo 7.2
2023-03-16 CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in log messages. Active_iq_unified_manager, Sudo 5.3
2023-03-16 CVE-2023-28487 Sudo before 1.9.13 does not escape control characters in sudoreplay output. Active_iq_unified_manager, Sudo 5.3
2023-12-22 CVE-2023-42465 Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit. Sudo 7.0