PT-2019-14463 · Slicer69 · Slicer69 Doas

Published 2019-10-18 · Updated 2024-02-16 · CVE-2019-15900

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: slicer69 doas versions prior to 6.2

Description: An issue was discovered in slicer69 doas: on platforms without strtonum(3), sscanf was used without checking for error cases. The uninitialized variable errstr was then checked, and in some cases that check reported success even though sscanf had failed. As a result, doas executed commands as root instead of reporting that the supplied username or group name did not exist.

Recommendations: If you run a version prior to 6.2, update to version 6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the affected command execution functionality until a patch is available.
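
The failure mode described above, reduced to a small C example. This is an added illustration, not code from doas or from this advisory; the function names, the stale parameter (standing in for the uninitialized errstr so the result is reproducible) and the starting id of 0 are assumptions.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Flawed pattern (illustrative). `stale` models the uninitialized errstr:
 * whatever value that stack slot happened to hold at the time of the check. */
static int parse_id_flawed(const char *s, unsigned *id, const char *stale)
{
    const char *errstr = stale;   /* never assigned on the sscanf path */

    (void)sscanf(s, "%u", id);    /* return value ignored; *id untouched on failure */
    if (errstr != NULL)
        return -1;
    return 0;                     /* reports success even if nothing was parsed */
}

/* Hardened form: every error case is checked and *id is written only on success. */
static int parse_id_checked(const char *s, unsigned *id)
{
    char *end;
    unsigned long v;

    if (s[0] < '0' || s[0] > '9') /* rejects empty strings, signs, spaces, names */
        return -1;
    errno = 0;
    v = strtoul(s, &end, 10);
    if (errno != 0 || *end != '\0' || v > UINT_MAX)
        return -1;
    *id = (unsigned)v;
    return 0;
}

int main(void)
{
    unsigned id = 0;              /* assumption: the target id starts at 0 (root) */
    int rc = parse_id_flawed("nosuchuser", &id, NULL);  /* constructed input */

    printf("flawed:  rc=%d id=%u\n", rc, id);
    id = 0;
    rc = parse_id_checked("nosuchuser", &id);
    printf("checked: rc=%d id=%u\n", rc, id);
    return 0;
}
```

When reviewing similar fallbacks for a missing strtonum(3), look for an error indicator that is only assigned on one preprocessor branch and for output parameters that keep a privileged default when parsing fails.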

Fix

Weakness Enumeration

Unchecked Return Value
Incorrect Authorization
Use of Uninitialized Resource
Improper Check for Exceptional Conditions

Related Identifiers

CVE-2019-15900

Affected Products

Slicer69 Doas