CVE-2023-22809

HIGH7.8EPSS 41.7%

sudo - security update

Published: 1/18/2023Modified: 4/28/2026

Description

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.

Affected packages (4)

Alpine/sudofrom 0, < 1.9.12_p2-r0
Debian/sudofrom 0, < 1.9.5p2-3+deb11u1
Debian/sudofrom 0, < 1.8.27-1+deb10u5
Debian/sudofrom 0, < 1.9.5p2-3+deb11u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2023-22809
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-22809