An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.16-community | noarch | packer | = 1.8.1-r4 | UNKNOWN |
Alpine | 3.17-community | noarch | packer | = 1.8.4-r5 | UNKNOWN |
Alpine | 3.18-community | noarch | packer | = 1.8.7-r4 | UNKNOWN |