CVE-2023-42465
Publication date 22 December 2023
Last updated 24 July 2024
Ubuntu priority
CVSS 3 Severity Score
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.
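The C program below is an added illustration, not code from sudo or from this page, of why both properties named in the description matter. It counts how many of the 32 single-bit flips of a stored failure code would be accepted by three authorization checks: small adjacent codes with a `!= FAILURE` test, the same codes with a `== SUCCESS` test, and constructed codes (my own values, not sudo's) that differ in every bit with a `== SUCCESS` test.

```c
#include <stdint.h>
#include <stdio.h>

/* Weak pattern: adjacent small integers, one bit apart. */
#define WEAK_SUCCESS 0u
#define WEAK_FAILURE 1u

/* Hardened pattern (constructed values, not sudo's own): the failure code is
 * the bitwise complement of the success code, so they differ in all 32 bits. */
#define HARD_SUCCESS 0x5A3C96E1u
#define HARD_FAILURE 0xA5C3691Eu

/* Authorization decisions written the three ways discussed. */
static int weak_ne_grants(uint32_t rc) { return rc != WEAK_FAILURE; } /* "not an error" */
static int weak_eq_grants(uint32_t rc) { return rc == WEAK_SUCCESS; } /* "is success", small codes */
static int hard_eq_grants(uint32_t rc) { return rc == HARD_SUCCESS; } /* "is success", distant codes */

/* Hamming distance between two status codes. */
static int hamming(uint32_t a, uint32_t b) {
    int n = 0;
    for (uint32_t x = a ^ b; x; x >>= 1)
        n += (int)(x & 1u);
    return n;
}

/* Number of the 32 single-bit flips of `failure` that `grants` would accept. */
static int count_accepting_flips(uint32_t failure, int (*grants)(uint32_t)) {
    int n = 0;
    for (int bit = 0; bit < 32; bit++)
        if (grants(failure ^ (1u << bit)))
            n++;
    return n;
}

int main(void) {
    printf("small codes, != FAILURE : %2d of 32 flips grant access\n",
           count_accepting_flips(WEAK_FAILURE, weak_ne_grants));
    printf("small codes, == SUCCESS : %2d of 32 flips grant access\n",
           count_accepting_flips(WEAK_FAILURE, weak_eq_grants));
    printf("distant codes, == SUCCESS: %2d of 32 flips grant access (distance %d)\n",
           count_accepting_flips(HARD_FAILURE, hard_eq_grants),
           hamming(HARD_SUCCESS, HARD_FAILURE));
    return 0;
}
```

Only the combination of comparing for success and choosing codes with a large Hamming distance brings the count to zero; fixing either property alone leaves at least one accepting flip.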
Status
Package | Ubuntu Release | Status |
---|---|---|
sudo | 22.04 LTS jammy | Not affected |
sudo | 20.04 LTS focal | Not affected |
sudo | 18.04 LTS bionic | Not affected |
sudo | 16.04 LTS xenial | Not affected |
sudo | 14.04 LTS trusty | Not affected |
Notes
rodrigo-zaiden
Part of the code in the fix commit, in plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/sudo_auth.c and plugins/sudoers/auth/sudo_auth.h, is not built with Ubuntu as it is using PAM support. For the other part, the code fixed in plugins/sudoers/lookup.c was added in version 1.9.15, hence not affecting any Ubuntu releases, and for plugins/sudoers/match.c, part was added in 1.8.21, which, if considered just by itself, isn't worth patching.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.0 · High |
Attack vector | Local |
Attack complexity | High |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |