Description
OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later.
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| doas | removed | | | package |
| doas | no-dsa | | bullseye | package |
| opendoas | unfixed | | | package |
| opendoas | not-affected | | trixie | package |
| opendoas | ignored | | bookworm | package |
Notes
https://github.com/Duncaen/OpenDoas/issues/106
https://www.openwall.com/lists/oss-security/2023/03/14/4
Since Linux 6.4.4-1 (uploaded on 23 Jul 2023), TIOCSTI is disabled on the kernel side, so the opendoas upload is marked as not-affected, since no upload has happened since then.