CVE-2023-42465

Опубликовано: 27 дек. 2023

Источник: msrc

CVSS3: 7

EPSS Низкий

Описание

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value) and because the values do not resist flips of a single bit.

EPSS

Процентиль: 0%

0.00004

Низкий

7 High

CVSS3

Связанные уязвимости

CVE-2023-42465

CVSS3: 7

ubuntu

почти 2 года назад

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

CVE-2023-42465

CVSS3: 7

redhat

около 2 лет назад

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

CVE-2023-42465

CVSS3: 7

nvd

почти 2 года назад

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

CVE-2023-42465

CVSS3: 7

debian

почти 2 года назад

Sudo before 1.9.15 might allow row hammer attacks (for authentication ...

SUSE-SU-2024:0890-1

suse-cvrf

больше 1 года назад

Security update for sudo

EPSS

Процентиль: 0%

0.00004

Низкий

7 High

CVSS3