Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 898510 (CVE-2023-27320) - <app-admin/sudo-1.9.13_p2: double free with per-command chroot sudoers rules
Summary: <app-admin/sudo-1.9.13_p2: double free with per-command chroot sudoers rules
Status: RESOLVED FIXED
Alias: CVE-2023-27320
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.openwall.com/lists/oss-se...
Whiteboard: B2 [glsa+]
Keywords:
Depends on: 891405
Blocks:
  Show dependency tree
 
Reported: 2023-03-01 01:57 UTC by John Helmert III
Modified: 2023-09-29 12:17 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-03-01 01:57:33 UTC
"A flaw exists in sudo's per-command chroot feature that could result
in the variable that stores the command being freed more than once.

I believe this is a fairly low-impact bug as the per-command chroot
feature is not widely used.  The bug was caught by glibc's double-free
detection while I was performing some chroot-related testing.  No
one else has reported the bug which leads me to believe it probably
has not been encountered in the wild.

Sudo versions affected:

    Sudo versions 1.9.8 through 1.9.13p1 inclusive are affected.
    Versions of sudo prior to 1.9.8 are not affected."

Please stabilize 1.9.13p2 when ready.
Comment 1 Mathieu Tortuyaux 2023-03-13 13:40:25 UTC
Hello,

Passing by - I think the CVE ID is CVE-2023-27320 (and not CVE-2023-2730). See: https://nvd.nist.gov/vuln/detail/CVE-2023-27320
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-03-14 00:33:19 UTC
(In reply to mathieu.tortuyaux from comment #1)
> Hello,
> 
> Passing by - I think the CVE ID is CVE-2023-27320 (and not CVE-2023-2730).
> See: https://nvd.nist.gov/vuln/detail/CVE-2023-27320

thakns!
Comment 3 Larry the Git Cow gentoo-dev 2023-09-29 12:16:55 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=0654687f767ea0ec35b7400d19b29574fbdb4c2f

commit 0654687f767ea0ec35b7400d19b29574fbdb4c2f
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-09-29 12:15:42 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-09-29 12:16:41 +0000

    [ GLSA 202309-12 ] sudo: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/898510
    Bug: https://bugs.gentoo.org/905322
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202309-12.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)