Bug 2179272 (CVE-2023-28486) - CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Summary: CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Keywords:
Status: NEW
Alias: CVE-2023-28486
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2179274 2179275 2182148 2182149
Blocks: 2179004
Reported: 2023-03-17 07:47 UTC by Sandipan Roy
Modified: 2024-02-14 00:29 UTC (History)

Fixed In Version: sudo-1.9.13
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo's log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands, leading to a leak of restricted information.
Clone Of:
Environment:
Last Closed:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:0811 0 None None None 2024-02-14 00:29:32 UTC

Description Sandipan Roy 2023-03-17 07:47:36 UTC
Sudo before 1.9.13 does not escape control characters in log messages.

https://github.com/sudo-project/sudo/commit/334daf92b31b79ce68ed75e2ee14fca265f029ca
https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_13
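As an added illustration of the mitigation the fix applies (example code written for this page, not sudo's own implementation), the routine below renders control bytes in a user-controlled string as octal escapes before the string is written to a log; the sample command string is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example (not sudo's code): render every control byte in a
 * user-controlled string as a \NNN octal escape before it reaches a
 * log file or terminal. An embedded ESC sequence is then shown
 * literally instead of being interpreted by the viewer's terminal. */
char *escape_control_chars(const char *in)
{
    size_t len = strlen(in);
    char *out = malloc(len * 4 + 1); /* worst case: 4 chars per byte */
    if (out == NULL)
        return NULL;
    char *p = out;
    for (const unsigned char *s = (const unsigned char *)in; *s != '\0'; s++) {
        if (*s < 0x20 || *s == 0x7f)
            p += sprintf(p, "\\%03o", (unsigned)*s); /* ESC (0x1b) -> "\033" */
        else
            *p++ = (char)*s;
    }
    *p = '\0';
    return out;
}

/* Returns 1 if escaping `in` yields exactly `expected`, 0 otherwise. */
int escapes_to(const char *in, const char *expected)
{
    char *got = escape_control_chars(in);
    if (got == NULL)
        return 0;
    int ok = strcmp(got, expected) == 0;
    free(got);
    return ok;
}

/* Constructed sample: a command argument carrying an ANSI "clear
 * screen" sequence, as it might appear inside a sudo log message. */
int main(void)
{
    const char *cmd = "ls \x1b[2J\x1b[H/etc";
    char *safe = escape_control_chars(cmd);
    if (safe == NULL)
        return 1;
    printf("logged: %s\n", safe); /* ls \033[2J\033[H/etc */
    free(safe);
    return 0;
}
```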

Comment 1 Sandipan Roy 2023-03-17 07:51:05 UTC
Created sudo tracking bugs for this issue:

Affects: fedora-36 [bug 2179274]
Affects: fedora-37 [bug 2179275]

Comment 5 errata-xmlrpc 2024-02-14 00:29:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support
  Red Hat Enterprise Linux 8.8 Extended Update Support
  Red Hat Enterprise Linux 9.0 Extended Update Support
  Red Hat Enterprise Linux 9.2 Extended Update Support
  Red Hat Enterprise Linux 9
  Red Hat Enterprise Linux 8

Via RHSA-2024:0811 https://access.redhat.com/errata/RHSA-2024:0811

