Search CVE reports
11 – 20 of 50 results
CVE-2021-23240
Negligible priorityselinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | Not affected | Not affected | Needs evaluation | Needs evaluation | Ignored |
CVE-2021-23239
Low prioritySome fixes available 12 of 13
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2019-18634
Low priorityIn Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | — | — | — | Fixed | Fixed |
CVE-2019-19234
Low prioritySome fixes available 1 of 2
** DISPUTED ** In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | — | — | Fixed | Not affected | Not affected |
CVE-2019-19232
Low prioritySome fixes available 1 of 2
** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | — | — | Fixed | Not affected | Not affected |
CVE-2005-4890
Low priorityThere is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input...
2 affected packages
shadow, sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
shadow | — | — | Not affected | Not affected | Not affected |
sudo | — | — | Not affected | Not affected | Not affected |
CVE-2019-18684
Low priority** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | — | — | — | Not affected | Not affected |
CVE-2019-14287
Medium priorityIn Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | — | — | — | Fixed | Fixed |
CVE-2016-7076
Medium prioritySome fixes available 2 of 4
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application...
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | — | — | Not affected | Not affected | Fixed |
CVE-2015-8239
Low priorityThe SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
1 affected package
sudo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sudo | Not affected | Not affected | Not affected | Not affected | Not affected |