Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:0227-1

Опубликовано: 26 янв. 2021
Источник: suse-cvrf

Описание

Security update for sudo

This update for sudo fixes the following issues:

  • A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156]
  • It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit [bsc#1180684,CVE-2021-23239]
  • A Possible Symlink Attack vector existed in sudoedit if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240]
  • It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]

Список пакетов

Container ses/6/cephcsi/cephcsi:latest
sudo-1.8.22-4.15.1
Container ses/6/rook/ceph:latest
sudo-1.8.22-4.15.1
Container ses/7/cephcsi/cephcsi:latest
sudo-1.8.22-4.15.1
Container ses/7/rook/ceph:latest
sudo-1.8.22-4.15.1
Container suse/sle-micro/5.0/toolbox:latest
sudo-1.8.22-4.15.1
SUSE Enterprise Storage 6
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Server 15 SP1-BCL
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Server 15 SP1-LTSS
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Server 15-LTSS
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Server for SAP Applications 15
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Manager Proxy 4.0
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Manager Retail Branch Server 4.0
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1
SUSE Manager Server 4.0
sudo-1.8.22-4.15.1
sudo-devel-1.8.22-4.15.1

Ссылки

Описание

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

Затронутые продукты
Container ses/6/cephcsi/cephcsi:latest:sudo-1.8.22-4.15.1
Container ses/6/rook/ceph:latest:sudo-1.8.22-4.15.1
Container ses/7/cephcsi/cephcsi:latest:sudo-1.8.22-4.15.1
Container ses/7/rook/ceph:latest:sudo-1.8.22-4.15.1
Ссылки

Описание

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

Затронутые продукты
Container ses/6/cephcsi/cephcsi:latest:sudo-1.8.22-4.15.1
Container ses/6/rook/ceph:latest:sudo-1.8.22-4.15.1
Container ses/7/cephcsi/cephcsi:latest:sudo-1.8.22-4.15.1
Container ses/7/rook/ceph:latest:sudo-1.8.22-4.15.1
Ссылки

Описание

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Затронутые продукты
Container ses/6/cephcsi/cephcsi:latest:sudo-1.8.22-4.15.1
Container ses/6/rook/ceph:latest:sudo-1.8.22-4.15.1
Container ses/7/cephcsi/cephcsi:latest:sudo-1.8.22-4.15.1
Container ses/7/rook/ceph:latest:sudo-1.8.22-4.15.1
Ссылки
Уязвимость SUSE-SU-2021:0227-1