PT-2023-1647 · Sudo+4 · Sudo+4

Published

2023-02-27

Updated

2025-07-02

CVE-2023-27320

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Sudo versions prior to 1.9.13p2

Description The issue is related to a double free in the per-command chroot feature of the Sudo program. This can potentially allow an attacker to cause a denial of service.

Recommendations For versions prior to 1.9.13p2, update to version 1.9.13p2 or later to resolve the issue.

Exploit

Fix

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

ALT-PU-2023-1357

ALT-PU-2023-1440

ALT-PU-2024-7909

AZL-13784

BDU:2023-01183

CVE-2023-27320

OESA-2023-1160

OESA-2023-1172

OPENSUSE-SU-2024:12795-1

SUSE-SU-2023:1665-1

SUSE-SU-2023_1665-1

USN-5908-1

Affected Products

Alt Linux

Linuxmint

Sudo

Suse

Ubuntu

PT-2023-1647 · Sudo+4 · Sudo+4

CVE-2023-27320

Weakness Enumeration

Related Identifiers

Affected Products

References · 48