CVE-2023-42465

sudo: Targeted Corruption of Register and Stack Variables

Severity Score

7.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

Sudo anterior a 1.9.15 podría permitir row hammer attacks (para eludir la autenticación o escalar privilegios) porque la lógica de la aplicación a veces se basa en no igualar un valor de error (en lugar de igualar un valor de éxito) y porque los valores no resisten los cambios de un solo bit.

A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user.

*Credits: N/A

CVSS Scores

NISTv3.1 7.0

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-09-11 CVE Reserved
2023-12-22 CVE Published
2024-01-04 EPSS Updated
2024-08-02 CVE Updated
2024-08-02 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)

CAPEC

References (11)

URL	Tag	Source
https://arxiv.org/abs/2309.02545	Technical Description
https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15	Release Notes
https://security.netapp.com/advisory/ntap-20240208-0002
https://www.sudo.ws/releases/changelog	Release Notes

URL	Date	SRC
https://www.openwall.com/lists/oss-security/2023/12/21/9	2024-08-02

URL	Date	SRC
https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f	2024-02-18

URL	Date	SRC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM	2024-02-18
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ	2024-02-18
https://security.gentoo.org/glsa/202401-29	2024-02-18
https://access.redhat.com/security/cve/CVE-2023-42465	2024-03-19
https://bugzilla.redhat.com/show_bug.cgi?id=2255568	2024-03-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sudo Project Search vendor "Sudo Project"		Sudo Search vendor "Sudo Project" for product "Sudo"				< 1.9.15 Search vendor "Sudo Project" for product "Sudo" and version " < 1.9.15"		-		Affected