CVE-2023-22809

HIGH7.8EPSS 39.9%

sudo - security update

發布日:2023/1/18修改日:2026/4/28

也稱為:ALPINE-CVE-2023-22809DEBIAN-CVE-2023-22809

描述

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.

受影響套件(4)

Alpine/sudofrom 0, < 1.9.12_p2-r0
Debian/sudofrom 0, < 1.9.5p2-3+deb11u1
Debian/sudofrom 0, < 1.8.27-1+deb10u5
Debian/sudofrom 0, < 1.9.5p2-3+deb11u1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

參考連結(2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2023-22809
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-22809