sudoedit (`sudo -e`) security flaw (CVE-2023-22809)

Published at
1/19/2023
Categories
sudo
sudoedit
security
vulnerability
Author
nabbisen

Security vulnerability

A new sudo vulnerability has been found, in sudoedit (sudo -e). With it, attackers can edit arbitrary files, so affected machines were at risk of being compromised and having information stolen.

CVE

CVE-2023-22809

Impact

(with appreciation to @jmau111's comments)

The official website states:

If no users have been granted access to sudoedit there is no impact.

Take, for example, the case where /etc/sudoers (or whichever file visudo edits) contains a line like this:

someuser ALL=(root) sudoedit /etc/some.conf

By exploiting the flaw, someuser can then edit files other than /etc/some.conf.

Solution

If sudo is 1.8 or greater, it is recommended to update it to the latest version (1.9.12p2), released today, 2023-01-19.

Temporary workaround

If you can't update it right now, the official website describes a way to mitigate the flaw by adding the line below to sudoers:

Defaults!sudoedit    env_delete+="SUDO_EDITOR VISUAL EDITOR"
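As an added example, not code from the original post or from the sudo project, here is a small POSIX shell audit that ties the three points above together: it lists sudoedit grants in a sudoers text, checks whether the env_delete workaround line is present, and decides from a `sudo -V` version string whether the installed sudo is in the affected range. The function names are invented for this example, the sudoers content is a constructed sample modelled on the post's grant line, and the affected range (1.8.0 up to and including 1.9.12p1, fixed in 1.9.12p2) is taken from the sudo project's advisory for CVE-2023-22809.

```shell
#!/bin/sh
# Added example (not from the original post or the sudo project): a small
# POSIX shell audit for CVE-2023-22809 exposure. Function names and the
# sample sudoers text below are constructed for this example.

# Constructed sample sudoers content, mirroring the post's example grant.
# On a real host, read /etc/sudoers and /etc/sudoers.d/* instead.
SAMPLE_SUDOERS='# constructed sample, not a real file
Defaults        env_reset
root    ALL=(ALL:ALL) ALL
someuser ALL=(root) sudoedit /etc/some.conf
%admin  ALL=(ALL) ALL'

# The same sample with the advisory's workaround line appended.
SAMPLE_SUDOERS_FIXED="$SAMPLE_SUDOERS
Defaults!sudoedit    env_delete+=\"SUDO_EDITOR VISUAL EDITOR\""

# Print non-comment user-spec lines that grant the sudoedit pseudo-command
# (reads sudoers text from stdin). Only the literal word "sudoedit" is
# matched; grants hidden behind a Cmnd_Alias are not expanded here.
sudoedit_grants() {
    grep -v '^[[:space:]]*#' \
    | grep -v '^[[:space:]]*Defaults' \
    | grep -E '(^|[[:space:]])sudoedit([[:space:]]|$)'
}

# Return 0 if the advisory's workaround is present: a Defaults!sudoedit
# line whose env_delete names all three of SUDO_EDITOR, VISUAL and EDITOR.
has_sudoedit_env_delete() {
    line=$(grep -E '^[[:space:]]*Defaults!sudoedit[[:space:]]+env_delete\+?=' || :)
    [ -n "$line" ] || return 1
    for var in SUDO_EDITOR VISUAL EDITOR; do
        printf '%s\n' "$line" | grep -qw "$var" || return 1
    done
    return 0
}

# Return 0 if a sudo version string (as printed by `sudo -V`, e.g. "1.9.12p1")
# falls in the affected range from the sudo advisory: 1.8.0 up to and
# including 1.9.12p1, i.e. anything below the fixed 1.9.12p2. Returns 2 if
# the string cannot be parsed.
sudo_version_affected() {
    parts=$(printf '%s\n' "$1" \
        | sed -nE 's/^([0-9]+)\.([0-9]+)\.([0-9]+)(p([0-9]+))?$/\1 \2 \3 \5/p')
    [ -n "$parts" ] || return 2
    set -- $parts
    # Pack major.minor.patch.pN into one integer, three digits per field;
    # a missing "pN" suffix counts as p0.
    n=$(( $1 * 1000000000 + $2 * 1000000 + $3 * 1000 + ${4:-0} ))
    if [ "$n" -ge 1008000000 ] && [ "$n" -lt 1009012002 ]; then
        return 0
    fi
    return 1
}

# Demonstration on the constructed samples.
printf 'sudo 1.9.12p1 affected: '; sudo_version_affected 1.9.12p1 && echo yes || echo no
printf 'sudo 1.9.12p2 affected: '; sudo_version_affected 1.9.12p2 && echo yes || echo no
echo 'sudoedit grants in sample:'
printf '%s\n' "$SAMPLE_SUDOERS" | sudoedit_grants
if printf '%s\n' "$SAMPLE_SUDOERS" | has_sudoedit_env_delete; then
    echo 'workaround present'
else
    echo 'workaround missing: update sudo or add the Defaults!sudoedit line'
fi
# On a real host: sudo_version_affected "$(sudo -V | sed -n 's/^Sudo version //p')"
```

The version check deliberately treats the workaround and the update as separate questions: a host running 1.9.12p1 with the env_delete line in place still shows as "affected" by version, which is the right signal for patch tracking, while the grant and workaround checks tell you whether the configuration is exposed in the meantime.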

Reference

This post is based on the tweets by my company
