Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:0225-1

Опубликовано: 26 янв. 2021
Источник: suse-cvrf

Описание

Security update for sudo

This update for sudo fixes the following issues:

  • A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156]
  • It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit [bsc#1180684,CVE-2021-23239]
  • A Possible Symlink Attack vector existed in sudoedit if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240]
  • It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]

Список пакетов

Image SLES12-SP5-Azure-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-Basic-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-SAP-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-SAP-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-Standard-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-EC2-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-EC2-ECS-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-EC2-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-EC2-SAP-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-EC2-SAP-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-GCE-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-GCE-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-GCE-SAP-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-GCE-SAP-On-Demand
sudo-1.8.27-4.6.1
Image SLES12-SP5-OCI-BYOS-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
sudo-1.8.27-4.6.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
sudo-1.8.27-4.6.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
sudo-1.8.27-4.6.1
SUSE Linux Enterprise Server 12 SP5
sudo-1.8.27-4.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
sudo-1.8.27-4.6.1
SUSE Linux Enterprise Software Development Kit 12 SP5
sudo-devel-1.8.27-4.6.1

Ссылки

Описание

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-Basic-On-Demand:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-BYOS:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-On-Demand:sudo-1.8.27-4.6.1
Ссылки

Описание

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-Basic-On-Demand:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-BYOS:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-On-Demand:sudo-1.8.27-4.6.1
Ссылки

Описание

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-Basic-On-Demand:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-BYOS:sudo-1.8.27-4.6.1
Image SLES12-SP5-Azure-HPC-On-Demand:sudo-1.8.27-4.6.1
Ссылки