Ubuntu 5811-3: Sudo vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5811-3
January 30, 2023

sudo vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Sudo.

Software Description:
- sudo: Provide limited super user privileges to specific users

Details:

USN-5811-1 fixed a vulnerability in Sudo. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

 Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly
 handled user-specified editors when using the sudoedit command. A local
 attacker that has permission to use the sudoedit command could possibly use
 this issue to edit arbitrary files. (CVE-2023-22809)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  sudo                            1.8.9p5-1ubuntu1.5+esm7
  sudo-ldap                       1.8.9p5-1ubuntu1.5+esm7

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5811-3
  https://ubuntu.com/security/notices/USN-5811-1
  CVE-2023-22809

Ubuntu 5811-3: Sudo vulnerability

January 30, 2023
Several security issues were fixed in Sudo.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Several security issues were fixed in Sudo. Software Description: - sudo: Provide limited super user privileges to specific users Details: USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. (CVE-2023-22809)

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: sudo 1.8.9p5-1ubuntu1.5+esm7 sudo-ldap 1.8.9p5-1ubuntu1.5+esm7 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5811-3

https://ubuntu.com/security/notices/USN-5811-1

CVE-2023-22809

Severity
Ubuntu Security Notice USN-5811-3

Package Information

Related News

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

Microsoft Opens Azure Confidential Containers to Public Preview

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy