all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-5811-1: Sudo vulnerabilities

Add to bookmarks
Jan. 18, 2023, 5:44 p.m. |

Ubuntu security notices ubuntu.com

Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly
handled user-specified editors when using the sudoedit command. A local
attacker that has permission to use the sudoedit command could possibly use
this issue to edit arbitrary files. (CVE-2023-22809)

It was discovered that the Protobuf-c library, used by Sudo, incorrectly
handled certain arithmetic shifts. An attacker could possibly use this
issue to cause Sudo to crash, resulting in a denial of service. This issue
only affected Ubuntu 22.04 LTS. (CVE-2022-33070)

command crash cve denial of service files issue library local permission service shifts sudo sudoedit ubuntu usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6770-1: Fossil regression 19 hours ago | ubuntu.com
apache discovery fixes handling +9
USN-6769-1: Spreadsheet::ParseXLSX vulnerabilities 20 hours ago | ubuntu.com
attacker configuration cve cve-2024 +14
USN-6768-1: GLib vulnerability 23 hours ago | ubuntu.com
attacker bus d-bus escalation +10
USN-6767-1: Linux kernel vulnerabilities 2 days, 17 hours ago | ubuntu.com
attacker compromise crash cve +19
USN-6766-1: Linux kernel vulnerabilities 2 days, 17 hours ago | ubuntu.com
action attacker conditions crash +19
USN-6765-1: Linux kernel (OEM) vulnerabilities 2 days, 21 hours ago | ubuntu.com
attacker crash cve data +15
USN-6764-1: libde265 vulnerability 2 days, 21 hours ago | ubuntu.com
attacker automated denial of service file +7
USN-6754-2: nghttp2 vulnerability 2 days, 22 hours ago | ubuntu.com
advisory attacker denial of service http +11
USN-6763-1: libvirt vulnerability 3 days, 1 hour ago | ubuntu.com
access attacker authorization issue +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Engineer III

@ Hexagon US Federal | Huntsville, AL
View on infosec-jobs.com

Cybersecurity Technical Advisor

@ Microsoft | Reading, Berkshire, United Kingdom
View on infosec-jobs.com

Cybersecurity Engineer

@ Mindvalley | Kuala Lumpur, Kuala Lumpur, Malaysia
View on infosec-jobs.com

Network Security (Meraki) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com

Sr. Director, Product Security

@ Ro | New York City or Remote
View on infosec-jobs.com

Senior Research Engineer, Cryptography (PhD Entry Level)

@ Seagate Technology | Shakopee, MN, US
View on infosec-jobs.com
View more jobs