Ubuntu 5908-1: Sudo vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5908-1
March 02, 2023

sudo vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS

Summary:

Sudo could be made to crash or escalate privileges.

Software Description:
- sudo: Provide limited super user privileges to specific users

Details:

It was discovered that Sudo incorrectly handled the per-command chroot
feature. In certain environments where Sudo is configured with a rule that
contains a CHROOT setting, a local attacker could use this issue to cause
Sudo to crash, resulting in a denial of service, or possibly escalate
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   sudo                            1.9.11p3-1ubuntu1.2
   sudo-ldap                       1.9.11p3-1ubuntu1.2

Ubuntu 22.04 LTS:
   sudo                            1.9.9-1ubuntu2.3
   sudo-ldap                       1.9.9-1ubuntu2.3

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5908-1
   CVE-2023-27320

Package Information:
   https://launchpad.net/ubuntu/+source/sudo/1.9.11p3-1ubuntu1.2
   https://launchpad.net/ubuntu/+source/sudo/1.9.9-1ubuntu2.3

Ubuntu 5908-1: Sudo vulnerability

March 2, 2023
Sudo could be made to crash or escalate privileges.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS Summary: Sudo could be made to crash or escalate privileges. Software Description: - sudo: Provide limited super user privileges to specific users Details: It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROOT setting, a local attacker could use this issue to cause Sudo to crash, resulting in a denial of service, or possibly escalate privileges.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: sudo 1.9.11p3-1ubuntu1.2 sudo-ldap 1.9.11p3-1ubuntu1.2 Ubuntu 22.04 LTS: sudo 1.9.9-1ubuntu2.3 sudo-ldap 1.9.9-1ubuntu2.3 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5908-1

CVE-2023-27320

Severity
Ubuntu Security Notice USN-5908-1

Package Information

https://launchpad.net/ubuntu/+source/sudo/1.9.11p3-1ubuntu1.2 https://launchpad.net/ubuntu/+source/sudo/1.9.9-1ubuntu2.3

Related News

Microsoft warns: These flaws could give attackers root privileges on Linux desktops

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy