Описание
Security update for sudo
This update for sudo fixes the following issues:
- CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134).
Список пакетов
Container suse/sle-micro-rancher/5.3:latest
sudo-1.9.9-150400.4.36.1
Container suse/sle-micro-rancher/5.4:latest
sudo-1.9.9-150400.4.36.1
Container suse/sle-micro/5.3/toolbox:latest
sudo-1.9.9-150400.4.36.1
Container suse/sle-micro/5.4/toolbox:latest
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-CHOST-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-CHOST-BYOS-Aliyun
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-CHOST-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-CHOST-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-CHOST-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-HPC-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-HPC-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-HPC-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-HPC-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-HPC-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-HPC-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Hardened-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Hardened-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Hardened-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Hardened-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-3
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-3-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-3-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-3-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-3-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-3-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-Micro-5-4-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened-BYOS
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAP-Hardened-GCE
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAPCAL
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAPCAL-Azure
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAPCAL-EC2
sudo-1.9.9-150400.4.36.1
Image SLES15-SP4-SAPCAL-GCE
sudo-1.9.9-150400.4.36.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
sudo-1.9.9-150400.4.36.1
sudo-devel-1.9.9-150400.4.36.1
sudo-plugin-python-1.9.9-150400.4.36.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
sudo-1.9.9-150400.4.36.1
sudo-devel-1.9.9-150400.4.36.1
sudo-plugin-python-1.9.9-150400.4.36.1
SUSE Linux Enterprise Micro 5.3
sudo-1.9.9-150400.4.36.1
SUSE Linux Enterprise Micro 5.4
sudo-1.9.9-150400.4.36.1
SUSE Linux Enterprise Server 15 SP4-LTSS
sudo-1.9.9-150400.4.36.1
sudo-devel-1.9.9-150400.4.36.1
sudo-plugin-python-1.9.9-150400.4.36.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
sudo-1.9.9-150400.4.36.1
sudo-devel-1.9.9-150400.4.36.1
sudo-plugin-python-1.9.9-150400.4.36.1
SUSE Manager Proxy 4.3
sudo-1.9.9-150400.4.36.1
sudo-devel-1.9.9-150400.4.36.1
sudo-plugin-python-1.9.9-150400.4.36.1
SUSE Manager Server 4.3
sudo-1.9.9-150400.4.36.1
sudo-devel-1.9.9-150400.4.36.1
sudo-plugin-python-1.9.9-150400.4.36.1
openSUSE Leap Micro 5.3
sudo-1.9.9-150400.4.36.1
openSUSE Leap Micro 5.4
sudo-1.9.9-150400.4.36.1
Ссылки
- Link for SUSE-SU-2024:0877-1
- E-Mail link for SUSE-SU-2024:0877-1
- SUSE Security Ratings
- SUSE Bug 1221134
- SUSE Bug 1221151
- SUSE CVE CVE-2023-42465 page
Описание
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:sudo-1.9.9-150400.4.36.1
Container suse/sle-micro-rancher/5.4:latest:sudo-1.9.9-150400.4.36.1
Container suse/sle-micro/5.3/toolbox:latest:sudo-1.9.9-150400.4.36.1
Container suse/sle-micro/5.4/toolbox:latest:sudo-1.9.9-150400.4.36.1
Ссылки
- CVE-2023-42465
- SUSE Bug 1219026
- SUSE Bug 1221593
- SUSE Bug 1224872