Privilege Escalation Vulnerability in sudoedit (CVE-2023-22809)


Fleury, Terry

Jan 25, 2023, 4:27:35 PM

CI Operators:

A vulnerability discovered in the sudo package (CVE-2023-22809 [1]) could lead to arbitrary file writes with privileges of the RunAs user (typically root) [2].

The sudoedit feature (i.e., "sudo -e") mishandles extra arguments supplied through user-controlled environment variables such as SUDO_EDITOR, VISUAL and EDITOR, allowing a local attacker to edit arbitrary files with escalated privileges. The vulnerability is rated "high": the attack is simple, but it requires a local user account.

Affected Software

sudo v1.8.0 - v1.9.12p1

Update the "sudo" package on your system as soon as possible. Updates are available for all major Linux distributions. Alternatively, the issue can be mitigated [3] by adding the following line to the sudoers file, which strips the user-supplied editor variables before sudoedit runs:

    Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"

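As an added example (not part of the Trusted CI alert), the following Python helper lets an operator check two things the alert describes: whether an upstream sudo version string falls inside the affected range 1.8.0 through 1.9.12p1, and whether a sudoers snippet carries the recommended Defaults!sudoedit env_delete line. The "pN" patch-level suffix handling and the `sudo --version` output format are assumptions based on upstream sudo; the sample sudoers text in the usage is constructed.

```python
import re
import subprocess

# Affected range as stated in the alert: sudo 1.8.0 through 1.9.12p1 (inclusive).
FIRST_AFFECTED = (1, 8, 0, 0)
LAST_AFFECTED = (1, 9, 12, 1)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:p(\d+))?$")
_ENV_VARS = {"SUDO_EDITOR", "VISUAL", "EDITOR"}

def parse_sudo_version(version: str) -> tuple:
    """Turn '1.9.12p1' into a comparable tuple; a missing 'pN' suffix counts as p0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version string: {version!r}")
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))

def version_is_affected(version: str) -> bool:
    """True if the upstream version is inside the affected range.
    Caveat: distributions often backport the fix without changing the version,
    so treat True as 'check the package changelog', not as proof of exposure."""
    return FIRST_AFFECTED <= parse_sudo_version(version) <= LAST_AFFECTED

def sudoers_has_mitigation(sudoers_text: str) -> bool:
    """True if a Defaults!sudoedit line deletes SUDO_EDITOR, VISUAL and EDITOR,
    i.e. the env_delete mitigation from the alert is present (comments ignored)."""
    for raw in sudoers_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line.startswith("Defaults!sudoedit"):
            continue
        m = re.search(r'env_delete\s*\+?=\s*"([^"]*)"', line)
        if m and _ENV_VARS <= set(m.group(1).split()):
            return True
    return False

def installed_sudo_version() -> str:
    """Read the version from `sudo --version` (first line: 'Sudo version 1.9.12p1')."""
    out = subprocess.run(["sudo", "--version"], capture_output=True,
                         text=True, check=True).stdout
    m = re.search(r"Sudo version (\S+)", out)
    if not m:
        raise RuntimeError("could not parse `sudo --version` output")
    return m.group(1)

if __name__ == "__main__":
    v = installed_sudo_version()
    print(f"sudo {v}: {'inside' if version_is_affected(v) else 'outside'} the affected range")
    sample = 'Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"\n'  # constructed
    print("mitigation present in sample sudoers:", sudoers_has_mitigation(sample))
```

To check the live configuration, pass the output of `visudo -c` or the contents of /etc/sudoers and /etc/sudoers.d/* to sudoers_has_mitigation.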
How Trusted CI can help:

The potential impact of any vulnerability, and therefore the appropriate response, depends in part on operational conditions that are unique to each cyberinfrastructure deployment. Trusted CI cannot provide a one-size-fits-all severity rating and response recommendation for all NSF cyberinfrastructure. Please contact us if you need assistance with assessing the potential impact of this vulnerability in your environment and/or you have additional information about this issue that should be shared with the community.

