Message-ID: <20160824065811.GB7400@sin.redhat.com>
Date: Wed, 24 Aug 2016 16:28:12 +0930
From: Doran Moppert <dmoppert@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request - sudoers on Red Hat, Fedora, Mageia information
 disclosure

The inclusion of "INPUTRC" in env_keep in /etc/sudoers allowed
information disclosure through readline-enabled programs parsing the
named file with elevated privileges.  Local users with sudo access could
read (portions of) specially-formatted files with elevated privileges.
Future versions of readline will make the vulnerability more significant
by showing error messages for malformed entries, rather than silently
ignoring them.

This flaw is distribution-specific - upstream sudo does not include
INPUTRC, and we are not aware at this time of any other distros that
include it.

The following packages address this issue:

	sudo-1.8.15-2.fc22
	sudo-1.8.15-2.fc23
	sudo-1.8.16-4.fc24
	sudo-1.8.17p1-1.mga5

This was brought to our attention by Grisha Levit.

https://bugzilla.redhat.com/show_bug.cgi?id=1339935

-- 
Doran Moppert
Red Hat Product Security
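
An audit check for the condition described in the message above, added here as an example (it is not part of the original post and is not Red Hat's or sudo's code). It reports whether a sudoers text leaves INPUTRC in env_keep; the function names and the sample file content are constructed for illustration.

```python
import re

# One env_keep setting in a Defaults line: = "A B", += "C", -= "A", or !env_keep.
_SETTING = re.compile(
    r'(!)?\benv_keep\b(?:\s*([+-]?=)\s*(?:"([^"]*)"|([^\s,]+)))?')
# Text up to the first comment: '#' outside quotes, unless it starts a '#uid'.
_CODE = re.compile(r'(?:[^"#]|"[^"]*"|#\d)*')

# Constructed sample in the style of a distribution sudoers file.
SAMPLE = r'''
Defaults    env_reset
Defaults    env_keep =  "COLORS DISPLAY HOSTNAME INPUTRC LS_COLORS"  # constructed
Defaults    env_keep += "MAIL PS1 \
                         LANG"
'''


def _logical_lines(text):
    """Join backslash-continued lines and strip comments."""
    buf = ""
    for raw in text.splitlines():
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        line, buf = buf + raw, ""
        yield _CODE.match(line).group(0).strip()


def env_keep_vars(sudoers_text):
    """env_keep as set by this text's Defaults lines, applied in file order.

    Assumptions: include directives are not followed, sudo's built-in
    env_keep list is not modelled, and scoped entries (Defaults:user, ...)
    are treated like global ones.
    """
    kept = set()
    for line in _logical_lines(sudoers_text):
        if not line.startswith("Defaults"):
            continue
        for negate, op, quoted, bare in _SETTING.findall(line):
            names = set((quoted or bare).split())
            if negate:
                kept = set()
            elif op == "=":
                kept = names
            elif op == "+=":
                kept |= names
            elif op == "-=":
                kept -= names
    return kept


def keeps_inputrc(sudoers_text):
    return "INPUTRC" in env_keep_vars(sudoers_text)
```

Run it against the contents of /etc/sudoers and each file it includes; a True result on any of them means the setting described above is still present.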
