Lucene search
OracleLinuxELSA-2024-0811HistoryFeb 14, 2024 - 12:00 a.m.
sudo security update
2024-02-1400:00:00
linux.oracle.com
2
rhel
security update
cve-2023-28487
cve-2023-28486
cve-2023-42465
sudo
erratum
rhel-21834
rhel-21828
rhel-21821
rhel-21825
rhel-21831
rhel-21820
unix
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
28.8%
RHEL 9.3.0.Z ERRATUM
[1.9.5p2-10]
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21834 - CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21828 - CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21821
RHEL 8.9.0.Z ERRATUM
[1.9.5p2-1] - Rebase to 1.9.5p2
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21825 - CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21831 - CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21820
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.src.rpm |
| oracle linux | 8 | src | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.src.rpm |
| oracle linux | 8 | aarch64 | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.aarch64.rpm |
| oracle linux | 8 | aarch64 | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.aarch64.rpm |
| oracle linux | 8 | src | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.src.rpm |
| oracle linux | 8 | src | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.src.rpm |
| oracle linux | 8 | x86_64 | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.x86_64.rpm |
| oracle linux | 8 | x86_64 | sudo | < 1.9.5p2-1.el8_9 | sudo-1.9.5p2-1.el8_9.x86_64.rpm |
| oracle linux | 9 | src | sudo | < 1.9.5p2-10.el9_3 | sudo-1.9.5p2-10.el9_3.src.rpm |
| oracle linux | 9 | src | sudo | < 1.9.5p2-10.el9_3 | sudo-1.9.5p2-10.el9_3.src.rpm |
Related
osv
osv
Moderate: sudo security update
2024-02-14 00:00:00
sudo vulnerabilities
2023-04-11 14:19:40
sudo vulnerabilities
2023-05-29 11:02:51
nessus
nessus
AlmaLinux 9 : sudo (ALSA-2024:0811)
2024-02-14 00:00:00
RHEL 8 / 9 : sudo (RHSA-2024:0811)
2024-02-14 00:00:00
CentOS 8 : sudo (CESA-2024:0811)
2024-02-21 00:00:00
almalinux
almalinux
Moderate: sudo security update
2024-02-14 00:00:00
redhat
redhat
amazon
amazon
mageia
mageia
Updated sudo packages fix security vulnerability
2023-04-11 22:02:20
ubuntu
ubuntu
Sudo vulnerabilities
2023-04-11 00:00:00
Sudo vulnerabilities
2023-05-29 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-1831)
2023-05-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1698-1)
2023-03-31 00:00:00
Ubuntu: Security Advisory (USN-6005-1)
2023-04-12 00:00:00
cloudfoundry
cloudfoundry
USN-6005-1: Sudo vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
ubuntucve
ubuntucve
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0627
2023-08-04 00:00:00
Moderate Photon OS Security Update - PHSA-2023-4.0-0446
2023-08-04 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0539
2024-01-06 00:00:00
gentoo
gentoo
sudo: Multiple Vulnerabilities
2023-09-29 00:00:00
sudo: Memory Manipulation
2024-01-24 00:00:00
debian
debian
[SECURITY] [DLA 3732-1] sudo security update
2024-02-03 09:27:24
cbl_mariner
cbl_mariner
CVE-2023-28486 affecting package sudo 1.9.12p2-1
2023-04-07 04:59:55
CVE-2023-42465 affecting package sudo for versions less than 1.9.15p5-1
2024-01-19 03:54:24
CVE-2023-28487 affecting package sudo 1.9.12p2-1
2023-04-07 04:59:55
prion
prion
Authentication flaw
2023-12-22 16:15:00
Code injection
2023-03-16 01:15:00
Code injection
2023-03-16 01:15:00
cloudlinux
cloudlinux
sudo: Fix of CVE-2023-42465
2024-02-20 11:18:42
sudo: Fix of CVE-2023-42465
2024-02-22 22:07:28
fedora
fedora
[SECURITY] Fedora 38 Update: sudo-1.9.15-1.p5.fc38
2024-02-18 01:50:00
[SECURITY] Fedora 39 Update: sudo-1.9.15-1.p5.fc39
2024-01-28 03:13:16
debiancve
debiancve
redos
redos
ROS-20240410-06
2024-04-10 00:00:00
ROS-20240328-17
2024-03-28 00:00:00
ROS-20240328-04
2024-03-28 00:00:00
alpinelinux
alpinelinux
CVE-2023-28486
2023-03-16 01:15:00
CVE-2023-28487
2023-03-16 01:15:00
cve
cve
veracode
veracode
Information Disclosure
2023-03-24 15:41:20
Information Disclosure
2023-03-24 15:41:21
redhatcve
redhatcve
slackware
slackware
[slackware-security] sudo
2023-11-07 20:03:49
ibm
ibm
avleonov
avleonov
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
28.8%
Related for ELSA-2024-0811