PT-2020-6889 · Systemd+8

Published: 2020-11-27 · Updated: 2025-06-27 · CVE-2023-26604

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

systemd versions prior to 247

Description

systemd does not adequately block local privilege escalation for some Sudo configurations, specifically those in which the "systemctl status" command may be executed. The cause is that systemd does not set LESSSECURE to 1, which allows other programs to be launched from the less program. As a result, when systemctl is run from Sudo and the terminal is too small to show the complete systemctl output, less executes as root, which presents a substantial security risk.

Recommendations

For versions prior to 247, update to version 247 or later to resolve the issue. As a temporary workaround, consider disabling the execution of the less program when running systemctl from Sudo, or restrict access to the systemctl status command to minimize the risk of exploitation. Additionally, review and adjust Sudo configurations to prevent the execution of potentially vulnerable commands.
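
An added example (not part of the original advisory or of systemd) for the Sudo configuration review recommended above: it flags sudoers rules that let a user run systemctl status when the systemd major version is below 247. The function names and the sample sudoers text are constructed; the parser covers only plain rules and Cmnd_Alias lines, and the version check follows the advisory's "prior to 247" statement without accounting for distribution backports.

```python
import re

FIXED_VERSION = 247  # advisory: systemd versions prior to 247 are affected

def systemd_major(version_output):
    """Major version from the first line of `systemctl --version` output."""
    m = re.match(r"\s*systemd\s+(\d+)", version_output)
    return int(m.group(1)) if m else None

def allows_systemctl_status(command):
    """True if one sudoers command entry permits `systemctl status`."""
    # Drop a leading runas spec such as "(root)" and tags such as "NOPASSWD:".
    command = re.sub(r"^\s*(\([^)]*\)\s*)?([A-Z_]+:\s*)*", "", command).strip()
    path, _, args = command.partition(" ")
    # Negated entries ("!cmd") and other binaries are out of scope here.
    if command.startswith("!") or not path.endswith("/systemctl"):
        return False
    args = args.strip()
    # No argument list accepts any arguments; '""' accepts none.
    return args == "" or args.startswith(("status", "*"))

def risky_rules(sudoers_text):
    """Rules and Cmnd_Alias lines whose command list permits `systemctl status`."""
    skip = ("#", "Defaults", "User_Alias", "Host_Alias", "Runas_Alias")
    findings = []
    for line in sudoers_text.replace("\\\n", " ").splitlines():
        line = line.strip()
        _, sep, spec = line.partition("=")
        if not sep or line.startswith(skip):
            continue
        # Split on commas that are not inside a "(runas, list)".
        if any(allows_systemctl_status(c) for c in re.split(r",(?![^(]*\))", spec)):
            findings.append(line)
    return findings

def audit(version_output, sudoers_text):
    # Findings apply only when the version is below 247 or cannot be parsed.
    major = systemd_major(version_output)
    if major is not None and major >= FIXED_VERSION:
        return []
    return risky_rules(sudoers_text)

# Constructed sample input, not taken from a real host.
SAMPLE_SUDOERS = """\
Defaults env_reset
ops ALL=(root) NOPASSWD: /usr/bin/systemctl status *
deploy ALL=(root) /usr/bin/systemctl restart app.service
backup ALL=(root) NOPASSWD: /usr/bin/rsync, \\
    /bin/systemctl
"""
```

Calling `audit("systemd 245 (245.4-4ubuntu3.20)", SAMPLE_SUDOERS)` returns the `ops` and `backup` rules for review; the `deploy` rule is not flagged because its argument list is fixed to `restart app.service`.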

Exploit

Fix

LPE

Improper Privilege Management

Improper Access Control

Weakness Enumeration

Related Identifiers

ALSA-2023:3837
ALSA-2023_3837
ALT-PU-2020-3436
ALT-PU-2022-1212
BDU:2023-03862
CESA-2023_3837
CVE-2023-26604
DLA-3377-1
ELSA-2023-3837
ELSA-2024-7705
OESA-2023-1166
OESA-2023-1167
RHSA-2023:3837
RHSA-2023_3837
RHSA-2024:1105
RHSA-2024:7705
RLSA-2023:3837
RLSA-2023_3837
SUSE-SU-2023:1622-1
SUSE-SU-2023:1776-1
SUSE-SU-2023_1622-1
SUSE-SU-2023_1776-1
SUSE-SU-2025:02019-1
SUSE-SU-2025_02019-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Red Hat
RED OS
Rocky Linux
SUSE
systemd