sudo: Root Privilege Escalation — GLSA 202305-12

A vulnerability has been discovered in sudo which could result in root privilege escalation.

Affected packages

 app-admin/sudo on all architectures
   Affected versions:    < 1.9.12_p2
   Unaffected versions: >= 1.9.12_p2

Background

sudo allows a system administrator to give users the ability to run commands as other users.

Description

The sudoedit feature (also reachable as sudo -e) mishandles extra arguments passed in the user-controlled environment variables SUDO_EDITOR, VISUAL and EDITOR, allowing a local attacker to append arbitrary entries to the list of files that sudoedit will open for editing.

Impact

The improper processing of user-supplied environment variables could allow a local user to edit arbitrary files as root, potentially leading to root privilege escalation.

Workaround

There is no known workaround at this time.

Resolution

All sudo users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.12_p2"

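A quick way to check whether an installed sudo falls below the threshold above, as an added example that is not part of the advisory: it parses Gentoo-style version strings (1.9.12_p2, with an optional -rN revision) and upstream-style ones (1.9.12p2, as printed by `sudo --version`) and compares them against the unaffected version. The accepted version syntax and the `sudo --version` output format are assumptions; the sample output below is constructed.

```python
import re
from typing import Tuple

# Threshold taken from the advisory: versions below 1.9.12_p2 are affected.
UNAFFECTED_FROM = "1.9.12_p2"

# Constructed sample of `sudo --version` output from a pre-fix build (not real output).
SAMPLE_OUTPUT = "Sudo version 1.9.12p1\nSudoers policy plugin version 1.9.12p1\n"

# Matches "1.9.12", "1.9.12_p2", "1.9.12p2" and "1.9.12_p2-r1" (assumed syntax).
_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:_?p(\d+))?(?:-r(\d+))?")


def parse_version(ver: str) -> Tuple[Tuple[int, ...], int, int]:
    """Split a sudo version into (numeric parts, patch level, Gentoo revision).

    A version with no pN/_pN suffix gets patch level 0, so 1.9.12 sorts below
    1.9.12_p1; a missing -rN revision is treated as 0.
    """
    m = _VERSION_RE.fullmatch(ver.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {ver!r}")
    nums = tuple(int(x) for x in m.group(1).split("."))
    patch = int(m.group(2) or 0)
    rev = int(m.group(3) or 0)
    return nums, patch, rev


def is_affected(installed: str) -> bool:
    """True if the installed sudo is below the advisory's unaffected threshold."""
    return parse_version(installed) < parse_version(UNAFFECTED_FROM)


def affected_from_sudo_output(output: str) -> bool:
    """Read the 'Sudo version X' line of `sudo --version` and check it."""
    m = re.search(r"Sudo version (\S+)", output)
    if not m:
        raise ValueError("no 'Sudo version' line found")
    return is_affected(m.group(1))


if __name__ == "__main__":
    import subprocess
    # On a live system, compare the locally installed sudo against the threshold.
    out = subprocess.run(["sudo", "--version"], capture_output=True, text=True).stdout
    print("affected" if affected_from_sudo_output(out) else "not affected")
```
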
References

Release date
May 03, 2023

Latest revision
May 03, 2023: 1

Severity
high

Exploitable
remote

Bugzilla entries