Vulnerability BDU:2023-01183: Information
Description
Уязвимость функции set_cmnd_path() программы системного администрирования Sudo, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
sudo | sisyphus | 1.9.13p2-alt1 | 1.9.15p5-alt1 | ALT-PU-2023-1357-1 | 315940 | Fixed |
sudo | sisyphus_e2k | 1.9.13p2-alt1 | 1.9.15p5-alt1 | ALT-PU-2023-2767-1 | - | Fixed |
sudo | sisyphus_riscv64 | 1.9.13p2-alt1 | 1.9.15p5-alt1 | ALT-PU-2023-2741-1 | - | Fixed |
sudo | p10 | 1.9.13p2-alt1 | 1.9.15p1-alt1 | ALT-PU-2023-1440-1 | 315936 | Fixed |
sudo | p10_e2k | 1.9.13p2-alt1 | 1.9.15p1-alt1 | ALT-PU-2023-2911-1 | - | Fixed |
sudo | c10f1 | 1.9.13p2-alt1 | 1.9.15p1-alt1 | ALT-PU-2023-1440-1 | 315936 | Fixed |
sudo | c9f2 | 1.9.15p5-alt0.c9f2.1 | 1.9.15p5-alt0.c9f2.1 | ALT-PU-2024-7909-3 | 348297 | Fixed |
sudo | p11 | 1.9.13p2-alt1 | 1.9.15p5-alt1 | ALT-PU-2023-1357-1 | 315940 | Fixed |
References to Advisories, Solutions, and Tools
Vulnerability Status | Подтверждена производителем |
Presence of an exploit | Данные уточняются |
Fix status | Уязвимость устранена |
Software Type | Операционная система, Прикладное ПО информационных систем |
Solution | Использование рекомендаций: Для Sudo: https://www.sudo.ws/releases/stable/#1.9.13p2 Для Ubuntu: https://ubuntu.com/security/CVE-2023-27320 https://ubuntu.com/security/notices/USN-5908-1 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-27320 Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLXMRAMXC3BYL4DNKVTK3V6JDMUXZ7B/ Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2023-27320.html Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства |
Sources | https://access.redhat.com/security/cve/cve-2023-27320 https://www.openwall.com/lists/oss-security/2023/02/28/1 https://www.openwall.com/lists/oss-security/2023/03/01/8 https://www.sudo.ws/releases/stable/#1.9.13p2 https://ubuntu.com/security/CVE-2023-27320 https://ubuntu.com/security/notices/USN-5908-1 https://security-tracker.debian.org/tracker/CVE-2023-27320 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLXMRAMXC3BYL4DNKVTK3V6JDMUXZ7B/ https://www.suse.com/security/cve/CVE-2023-27320.html https://altsp.su/obnovleniya-bezopasnosti/ |
Other system identifiers |