Privilege Escalation Vulnerability in sudoedit (CVE-2023-22809)
Fleury, Terry

Jan 25, 2023, 4:27:35 PM
to cv-an...@trustedci.org

CI Operators:

A vulnerability discovered in the sudo package (CVE-2023-22809 [1]) could lead to arbitrary file writes with privileges of the RunAs user (typically root) [2].
Impact:

The sudoedit feature (i.e., "sudo -e") mishandles extra arguments supplied through the user-controlled editor environment variables such as VISUAL and EDITOR, allowing a local attacker to edit arbitrary files with escalated privileges. This vulnerability is rated "high": the attack is simple, but it requires a local user account.
Affected Software:

sudo v1.8.0 through v1.9.12p1
Recommendation:

Update the "sudo" package on your system as soon as possible. Updates are available for all major Linux distributions. Alternatively, the issue can be mitigated [3] by adding the following line to the sudoers file, which stops sudoedit from honoring user-specified editor variables:
    Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
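As an added illustration (not part of the advisory, and not a Trusted CI tool), the following Python check classifies a host as patched, mitigated, or vulnerable from the first line of `sudo --version` and the text of its sudoers file, using the affected version range and the env_delete mitigation stated above. The sample version string and sudoers fragment are constructed, not captured from a real system.

```python
import re

# Affected range stated in the advisory: sudo 1.8.0 through 1.9.12p1 inclusive,
# encoded as (major, minor, patch, p-level) tuples so they compare naturally.
AFFECTED_MIN = (1, 8, 0, 0)
AFFECTED_MAX = (1, 9, 12, 1)

# The three editor variables the advisory's sudoers mitigation deletes.
MITIGATION_VARS = {"SUDO_EDITOR", "VISUAL", "EDITOR"}


def parse_sudo_version(text):
    """Parse 'Sudo version 1.9.12p1' (or a bare '1.8.31') into a 4-tuple.
    A missing 'pN' suffix counts as p-level 0."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError("no sudo version found in: %r" % text)
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def is_affected(version_text):
    return AFFECTED_MIN <= parse_sudo_version(version_text) <= AFFECTED_MAX


def sudoers_mitigated(sudoers_text):
    """True if a 'Defaults!sudoedit env_delete+="..."' line removes all three
    editor variables. Trailing '#' comments are ignored; '=' and '+=' both count."""
    removed = set()
    for line in sudoers_text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r'Defaults\s*!\s*sudoedit\s+env_delete\s*\+?=\s*"([^"]*)"', line)
        if m:
            removed.update(m.group(1).split())
    return MITIGATION_VARS <= removed


def assess(version_text, sudoers_text):
    """Return 'patched', 'mitigated' or 'vulnerable' for the host."""
    if not is_affected(version_text):
        return "patched"
    if sudoers_mitigated(sudoers_text):
        return "mitigated"
    return "vulnerable"


# Constructed sample inputs (hypothetical host, not real captured data).
SAMPLE_VERSION = "Sudo version 1.9.12p1\nSudoers policy plugin version 1.9.12p1\n"
SAMPLE_SUDOERS = 'Defaults env_reset\nDefaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"\n'

if __name__ == "__main__":
    print(assess(SAMPLE_VERSION, SAMPLE_SUDOERS))  # mitigated
```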
References:

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22809

[2] https://bugzilla.redhat.com/show_bug.cgi?id=2161142

[3] https://access.redhat.com/security/cve/CVE-2023-22809
How Trusted CI can help:

The potential impact of any vulnerability, and therefore the appropriate response, depends in part on operational conditions that are unique to each cyberinfrastructure deployment. Trusted CI cannot provide a one-size-fits-all severity rating and response recommendation for all NSF cyberinfrastructure. Please contact us (https://trustedci.org/help/) if you need assistance with assessing the potential impact of this vulnerability in your environment and/or you have additional information about this issue that should be shared with the community.
You are receiving this message because you are subscribed to cv-an...@trustedci.org. The archive of previous alerts is publicly accessible. If you prefer not to receive future alerts, you can unsubscribe.