Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Ubuntu 16.04 ESM: USN-5811-2 Moderate: Sudo File Edit Threat Analysis

Calendar Jan 18, 2023 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory security fix moderate severity sudo file access ubuntu arbitrary edit
Sudo could be made to possibly edit arbitrary files if it received a specially crafted input. 
=========================================================================Ubuntu Security Notice USN-5811-2
January 18, 2023

sudo vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Sudo could be made to possibly edit arbitrary files
if it received a specially crafted input.

Software Description:
- sudo: Provide limited super user privileges to specific users
Details:

USN-5811-1 fixed a vulnerability in Sudo. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

 Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly
 handled user-specified editors when using the sudoedit command. A local
 attacker that has permission to use the sudoedit command could possibly use
 this issue to edit arbitrary files. (CVE-2023-22809)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  sudo                            1.8.16-0ubuntu1.10+esm1
  sudo-ldap                       1.8.16-0ubuntu1.10+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5811-2
  https://ubuntu.com/security/notices/USN-5811-1
  CVE-2023-22809

Ubuntu 16.04 ESM: USN-5811-2 Moderate: Sudo File Edit Threat Analysis

ubuntu
Calendar Grey January 18, 2023
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5820-3 pertains to a potential flaw in the sudo utility that might enable unauthorized file modifications through specially designed inputs.
Sudo could be made to possibly edit arbitrary files if it received a specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory security fix moderate severity sudo file access ubuntu arbitrary edit

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: sudo 1.8.16-0ubuntu1.10+esm1 sudo-ldap 1.8.16-0ubuntu1.10+esm1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5811-2

https://ubuntu.com/security/notices/USN-5811-1

CVE-2023-22809

January 18, 2023

Topics%20covered

Topics Covered

security advisory security fix moderate severity sudo file access ubuntu arbitrary edit

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here