CVE-2023-7090

NameCVE-2023-7090
DescriptionA flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3732-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
sudo (PTS)jessie, jessie (lts)1.8.10p3-1+deb8u9fixed
stretch (security)1.8.19p1-2.1+deb9u3fixed
stretch (lts), stretch1.8.19p1-2.1+deb9u6fixed
buster1.8.27-1+deb10u3vulnerable
buster (security)1.8.27-1+deb10u6fixed
bullseye (security), bullseye1.9.5p2-3+deb11u1fixed
bookworm1.9.13p3-1+deb12u1fixed
sid, trixie1.9.15p5-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sudosourcejessie(not affected)
sudosourcestretch(not affected)
sudosourcebuster1.8.27-1+deb10u6DLA-3732-1
sudosource(unstable)1.8.28p1-1

Notes

https://github.com/sudo-project/sudo/commit/e99082e05b9f0dd0e0f47fa1d2e1b9d922ea8c4c (SUDO_1_8_28p1)
https://www.sudo.ws/repos/sudo/rev/b4f31dbe3109
https://www.sudo.ws/releases/legacy/#1.8.28
https://www.sudo.ws/pipermail/sudo-workers/2019-August/001248.html
https://www.sudo.ws/pipermail/sudo-workers/2019-August/001249.html
[stretch] - sudo <not-affected> (the issue was introduced in version 1.8.24, according to upstream, when sudoers parsing was unified. probably with commit 0b31f186, 70d519c8 or around them)
[jessie] - sudo <not-affected> (the issue was introduced in version 1.8.24, according to upstream, when sudoers parsing was unified. probably with commit 0b31f186, 70d519c8 or around them)
Search for package or bug name: Reporting problems