PT-2023-8553 · Sudo+7
Published: 2023-09-05 · Updated: 2025-11-05
CVE-2023-42465
CVSS v3.1: 7.0 (High)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Sudo versions prior to 1.9.15
Description
The authentication procedure in Sudo might allow row hammer attacks to bypass authentication or escalate privileges. The application logic sometimes relies on a result not equaling an error value instead of equaling a success value, and the values used do not resist flips of a single bit. An attacker who can induce such a flip could therefore turn a failed check into an accepted one.
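The two conditions named in the description (a "not equal to the error value" check, and status values one bit apart) can be measured with a small fault model. This is an added example, not Sudo's code; the constants and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed status codes for illustration; these are not Sudo's definitions. */
#define WEAK_SUCCESS 0u
#define WEAK_FAILURE 1u               /* one bit away from success */
#define HARD_SUCCESS 0x3CA5965Au
#define HARD_FAILURE (~HARD_SUCCESS)  /* all 32 bits differ from success */

/* Number of bit positions in which a and b differ. */
static int hamming(uint32_t a, uint32_t b)
{
    int n = 0;
    for (uint32_t x = a ^ b; x != 0; x &= x - 1)
        n++;
    return n;
}

/* Fragile check: anything that is not the error value is accepted. */
static int grant_if_not_failure(uint32_t rc, uint32_t failure)
{
    return rc != failure;
}

/* Strict check: only the exact success value is accepted. */
static int grant_if_success(uint32_t rc, uint32_t success)
{
    return rc == success;
}

/* Corrupt a stored failure result one bit at a time and count how many
 * of the 32 corrupted values the chosen style of check would accept. */
static int accepted_flips(uint32_t success, uint32_t failure, int strict)
{
    int accepted = 0;
    for (int bit = 0; bit < 32; bit++) {
        uint32_t rc = failure ^ (UINT32_C(1) << bit);
        accepted += strict ? grant_if_success(rc, success)
                           : grant_if_not_failure(rc, failure);
    }
    return accepted;
}

int main(void)
{
    printf("weak codes (distance %d): != failure accepts %d/32, == success accepts %d/32\n", hamming(WEAK_SUCCESS, WEAK_FAILURE), accepted_flips(WEAK_SUCCESS, WEAK_FAILURE, 0), accepted_flips(WEAK_SUCCESS, WEAK_FAILURE, 1));
    printf("hard codes (distance %d): != failure accepts %d/32, == success accepts %d/32\n", hamming(HARD_SUCCESS, HARD_FAILURE), accepted_flips(HARD_SUCCESS, HARD_FAILURE, 0), accepted_flips(HARD_SUCCESS, HARD_FAILURE, 1));
    return 0;
}
```

Widely separated constants alone do not help while the check is still "not equal to failure"; only the combination of an equality-to-success check and a large Hamming distance rejects every single-bit corruption.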
Recommendations
Update Sudo to version 1.9.15 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation. Avoid using the vulnerable authentication mechanism until the issue is resolved.
Exploit
Fix
Improper Authentication
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Centos
Debian
Red Hat
Red Os
Sudo
Suse