CVE-2023-42465

Опубликовано: 22 дек. 2023

Источник: ubuntu

Приоритет: medium

CVSS3: 7

Описание

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	not-affected	code not compiled
esm-infra-legacy/trusty	not-affected	code not compiled
esm-infra/bionic	not-affected	code not compiled
esm-infra/focal	not-affected	code not compiled
esm-infra/xenial	not-affected	code not compiled
focal	not-affected	code not compiled
jammy	not-affected	code not compiled
lunar	not-affected	code not compiled
mantic	not-affected	code not compiled

Показывать по

Ссылки на источники

7 High

CVSS3

Связанные уязвимости

CVE-2023-42465

CVSS3: 7

redhat

больше 2 лет назад

CVE-2023-42465

CVSS3: 7

nvd

около 2 лет назад

CVE-2023-42465

CVSS3: 7

msrc

около 2 лет назад

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value) and because the values do not resist flips of a single bit.

CVE-2023-42465

CVSS3: 7

debian

около 2 лет назад

Sudo before 1.9.15 might allow row hammer attacks (for authentication ...

SUSE-SU-2024:0890-1

suse-cvrf

почти 2 года назад

Security update for sudo

7 High

CVSS3

CVE-2023-42465

Описание

Пакет sudo

Ссылки на источники

Связанные уязвимости