all InfoSec news
sudoedit (`sudo -e`) security flaw (CVE-2023-22809)
DEV Community dev.to
Security vulnerability
A new sudo vulnerability was found. It was on sudoedit (sudo -e) flaw. With it, attackers can edit arbitrary files, and therefore machines were at the risk of the pwned and having information steeled.
CVE
Solution
If sudo is 1.8 or greater, it is recommended to update it to the latest version (1.9.12p2) released today, on 2023-01-19.
Temporary workaround
In case that you can't update it right now,
the official website describes there is a …
attackers case cve files flaw information latest machines official pwned risk security security vulnerability solution sudo sudoedit update version vulnerability website workaround