In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u #$((0xffffffff))" command.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "12.04"
},
{
"last_affected": "14.04"
},
{
"last_affected": "16.04"
},
{
"last_affected": "18.04"
},
{
"last_affected": "19.04"
}
],
"vendor_product": "canonical:ubuntu_linux"
},
{
"cpes": [
"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "8.0"
},
{
"last_affected": "9.0"
},
{
"last_affected": "10.0"
}
],
"vendor_product": "debian:debian_linux"
},
{
"source": "CPE_STRING",
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "29"
},
{
"last_affected": "30"
},
{
"last_affected": "31"
}
],
"vendor_product": "fedoraproject:fedora"
},
{
"source": "CPE_STRING",
"cpes": [
"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "15.0"
},
{
"last_affected": "15.1"
}
],
"vendor_product": "opensuse:leap"
},
{
"source": "CPE_STRING",
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "8.0"
}
],
"vendor_product": "redhat:enterprise_linux"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "6.0"
},
{
"last_affected": "7.0"
}
],
"vendor_product": "redhat:enterprise_linux_desktop"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "7.5"
},
{
"last_affected": "7.6"
},
{
"last_affected": "7.7"
},
{
"last_affected": "8.1"
},
{
"last_affected": "8.2"
},
{
"last_affected": "8.4"
}
],
"vendor_product": "redhat:enterprise_linux_eus"
},
{
"source": "CPE_STRING",
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "5.0"
},
{
"last_affected": "6.0"
},
{
"last_affected": "7.0"
}
],
"vendor_product": "redhat:enterprise_linux_server"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "6.5"
},
{
"last_affected": "6.6"
},
{
"last_affected": "7.2"
},
{
"last_affected": "7.3"
},
{
"last_affected": "7.4"
},
{
"last_affected": "7.6"
},
{
"last_affected": "7.7"
},
{
"last_affected": "8.2"
},
{
"last_affected": "8.4"
}
],
"vendor_product": "redhat:enterprise_linux_server_aus"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "7.2"
},
{
"last_affected": "7.3"
},
{
"last_affected": "7.4"
},
{
"last_affected": "7.6"
},
{
"last_affected": "7.7"
},
{
"last_affected": "8.2"
},
{
"last_affected": "8.4"
}
],
"vendor_product": "redhat:enterprise_linux_server_tus"
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "6.0"
},
{
"last_affected": "7.0"
}
],
"vendor_product": "redhat:enterprise_linux_workstation"
},
{
"source": "CPE_STRING",
"cpes": [
"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "4.1"
}
],
"vendor_product": "redhat:openshift_container_platform"
},
{
"cpes": [
"cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"last_affected": "4.2"
}
],
"vendor_product": "redhat:virtualization"
}
]
}{
"source": "CPE_RANGE",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.8.28"
}
],
"cpe": "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*"
}