Fluid Attacks Database

Description

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	sudo	>=0 <1.8.28p1-1	1.8.28p1-1
debian 12	sudo	>=0 <1.8.28p1-1	1.8.28p1-1
debian 13	sudo	>=0 <1.8.28p1-1	1.8.28p1-1
debian 14	sudo	>=0 <1.8.28p1-1	1.8.28p1-1

Aliases

1. CVE-2023-70902. NVD-2023-70903. OSV-DEBIAN-2023-70904. OSV-2023-70905. SECURITY-TRACKER-CVE-2023-7090

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.