Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 24 Aug 2016 16:28:12 +0930
From: Doran Moppert <dmoppert@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request - sudoers on Red Hat, Fedora, Mageia information
 disclosure

The inclusion of "INPUTRC" in env_keep in /etc/sudoers allowed
information disclosure through readline-enabled programs parsing the
named file with elevated privileges.  Local users with sudo access could
read (portions of) specially-formatted files with elevated privileges.
Future versions of readline will make the vulnerability more significant
by showing error messages for malformed entries, rather than silently
ignoring them.

This flaw is distribution-specific - upstream sudo does not include
INPUTRC, and we are not aware at this time of any other distros that
include it.

The following packages address this issue:

	sudo-1.8.15-2.fc22
	sudo-1.8.15-2.fc23
	sudo-1.8.16-4.fc24
	sudo-1.8.17p1-1.mga5

This was brought to our attention by Grisha Levit.

https://bugzilla.redhat.com/show_bug.cgi?id=1339935

-- 
Doran Moppert
Red Hat Product Security

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ