CVE-2023-42465 – sudo: Targeted Corruption of Register and Stack Variables
https://notcve.org/view.php?id=CVE-2023-42465
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit. Sudo anterior a 1.9.15 podría permitir row hammer attacks (para eludir la autenticación o escalar privilegios) porque la lógica de la aplicación a veces se basa en no igualar un valor de error (en lugar de igualar un valor de éxito) y porque los valores no resisten los cambios de un solo bit. A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user. • https://arxiv.org/abs/2309.02545 https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ https://security.gentoo.org/glsa/202401-29 https://security.netapp.com/advisory/ntap-20240208-0002 • CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI) •
CVE-2023-27320
https://notcve.org/view.php?id=CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature. • http://www.openwall.com/lists/oss-security/2023/03/01/8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/332KN4QI6QXB7NI7SWSJ2EQJKWIILFN6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLXMRAMXC3BYL4DNKVTK3V6JDMUXZ7B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6VW24YGXJYI4NZ5HZPQCF4MCE7766AU https://security.gentoo.org/glsa/202309-12 https://security.netapp.com/advisory/ntap-20230413-0009 https: • CWE-415: Double Free •