Headline
Red Hat Security Advisory 2023-3276-01
Red Hat Security Advisory 2023-3276-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: sudo security update
Advisory ID: RHSA-2023:3276-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3276
Issue date: 2023-05-23
CVE Names: CVE-2023-22809
=====================================================================
- Summary:
An update for sudo is now available for Red Hat Enterprise Linux 7.7
Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP
Solutions.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.7) - x86_64
- Description:
The sudo packages contain the sudo utility which allows system
administrators to provide certain users with the permission to execute
privileged commands, which are used for system management purposes, without
having to log in as root.
Security Fix(es):
- sudo: arbitrary file write with privileges of the RunAs user
(CVE-2023-22809)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2161142 - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.7):
Source:
sudo-1.8.23-4.el7_7.4.src.rpm
x86_64:
sudo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.7):
Source:
sudo-1.8.23-4.el7_7.4.src.rpm
ppc64le:
sudo-1.8.23-4.el7_7.4.ppc64le.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.ppc64le.rpm
x86_64:
sudo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.7):
Source:
sudo-1.8.23-4.el7_7.4.src.rpm
x86_64:
sudo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.7):
x86_64:
sudo-debuginfo-1.8.23-4.el7_7.4.i686.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-devel-1.8.23-4.el7_7.4.i686.rpm
sudo-devel-1.8.23-4.el7_7.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.7):
ppc64le:
sudo-debuginfo-1.8.23-4.el7_7.4.ppc64le.rpm
sudo-devel-1.8.23-4.el7_7.4.ppc64le.rpm
x86_64:
sudo-debuginfo-1.8.23-4.el7_7.4.i686.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-devel-1.8.23-4.el7_7.4.i686.rpm
sudo-devel-1.8.23-4.el7_7.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.7):
x86_64:
sudo-debuginfo-1.8.23-4.el7_7.4.i686.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-devel-1.8.23-4.el7_7.4.i686.rpm
sudo-devel-1.8.23-4.el7_7.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2023-22809
https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBZG4WztzjgjWX9erEAQhvDA//a7zdxuDu2osHSQfgO7W3VrPSpvMcwQhT
hCWJoZdTD1scqqa9ZgBhyhWDtWkQ/46TnUEa4+zuofVa8JfMg6DT/D7Rl6elpLaJ
1oOlJLk+mnRai8CxbTzMBwevfIHdF1jdFxQkmhetSHMS2z0Nw73NmwyXuwNv3AYg
mU/3IuL9ZiSX8eJ8xMuFNZ+G4QQvshXo6oqvv3fbnJ2YHGc1ezjqqp7byLIrcNm2
Kq8lURZP1jBpvRedrPEOWqQfZN7NiE4AN5J5epcS1rlSSkzpYQhGxidJgjHnQK0M
X18tkmRlHhLsIJK0dBK0gZJ6u72l2im1EwhMB1PweWUrGlyByfSed/2KHD1IPfxD
TGwKqfFE7v4WMJULFxuS87QNp+lkz5xarUXS/Lv9t9IQkuaTorbWoEsPxXOUtz30
mIlJXwixHgY9JQ8z3ABrSi0GPzuhnr2XcE69n3RuT9fz5+AX/nOWVM/mQdP1jsYd
7Hk0WUR44dhvSNNmRmRik2q0m5WFn3hu+eo1dJ135iSYEZCNgGj26V8PKmithgz0
MUfcUa8wAHw3nNq7Ytf9YarmRHpbonQtObzbYuPvGd1jd8Or/gg3tLOJBNX5Prg+
EOErA+4dZ4kiOLj+L100j7/sqYgrJ0rdEGwQvQZkyh0kRdnwQ7JTVILJpkBXGtju
0MP32q3pLe8=
=drCU
-----END PGP SIGNATURE-----
–
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Related news
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Gentoo Linux Security Advisory 202305-12 - A vulnerability has been discovered in sudo which could result in root privilege escalation. Versions less than 1.9.12_p2 are affected.
In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.
Red Hat Security Advisory 2023-0859-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution and integer overflow vulnerabilities.
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4139: An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer ...
Ubuntu Security Notice 5811-3 - USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files.
Red Hat Security Advisory 2023-0284-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.
An update for sudo is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22809: sudo: arbitrary file write with privileges of the RunAs user
An update for sudo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22809: sudo: arbitrary file write with privileges of the RunAs user
Debian Linux Security Advisory 5321-1 - Matthieu Barjole and Victor Cutillas discovered that sudoedit in sudo, a program designed to provide limited super user privileges to specific users, does not properly handle '--' to separate the editor and arguments from files to edit. A local user permitted to edit certain files can take advantage of this flaw to edit a file not permitted by the security policy, resulting in privilege escalation.
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.