CVE-2023-42465 - Vulnerability Details

Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux Openshift Data Foundation Rhel Eus
Sudo Project	Sudo

Configuration 1 [-]

cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
sudo-0:1.9.5p2-1.el8_9	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:0811	2024-02-14T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
sudo-0:1.9.5p2-1.el8_6	cpe:/o:redhat:rhel_eus:8.6	RHSA-2024:0811	2024-02-14T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
sudo-0:1.9.5p2-1.el8_8	cpe:/o:redhat:rhel_eus:8.8	RHSA-2024:0811	2024-02-14T00:00:00Z
Red Hat Enterprise Linux 9
sudo-0:1.9.5p2-10.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:0811	2024-02-14T00:00:00Z
sudo-0:1.9.5p2-10.el9_3	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:0811	2024-02-14T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
sudo-0:1.9.5p2-7.el9_0.4	cpe:/a:redhat:rhel_eus:9.0	RHSA-2024:0811	2024-02-14T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
sudo-0:1.9.5p2-9.el9_2.2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:0811	2024-02-14T00:00:00Z
RHODF-4.15-RHEL-9
odf4/cephcsi-rhel9:v4.15.0-37	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/mcg-core-rhel9:v4.15.0-68	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/mcg-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/mcg-rhel9-operator:v4.15.0-39	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/ocs-client-console-rhel9:v4.15.0-58	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/ocs-client-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/ocs-client-rhel9-operator:v4.15.0-13	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/ocs-metrics-exporter-rhel9:v4.15.0-81	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/ocs-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/ocs-rhel9-operator:v4.15.0-79	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-cli-rhel9:v4.15.0-22	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-console-rhel9:v4.15.0-57	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-cosi-sidecar-rhel9:v4.15.0-6	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-csi-addons-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-csi-addons-rhel9-operator:v4.15.0-15	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-csi-addons-sidecar-rhel9:v4.15.0-15	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-multicluster-console-rhel9:v4.15.0-54	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-multicluster-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-multicluster-rhel9-operator:v4.15.0-10	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-must-gather-rhel9:v4.15.0-26	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odf-rhel9-operator:v4.15.0-19	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odr-cluster-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odr-hub-operator-bundle:v4.15.0-158	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/odr-rhel9-operator:v4.15.0-21	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
odf4/rook-ceph-rhel9-operator:v4.15.0-103	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z

References

Link	Providers
https://arxiv.org/abs/2309.02545
https://arxiv.org/pdf/2309.02545.pdf
https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f
https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ/
https://nvd.nist.gov/vuln/detail/CVE-2023-42465
https://security.gentoo.org/glsa/202401-29
https://security.netapp.com/advisory/ntap-20240208-0002/
https://www.cve.org/CVERecord?id=CVE-2023-42465
https://www.openwall.com/lists/oss-security/2023/12/21/9
https://www.sudo.ws/releases/changelog/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-22T00:00:00

Updated: 2024-08-02T19:23:38.880Z

Reserved: 2023-09-11T00:00:00

Link: CVE-2023-42465

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-12-22T16:15:08.057

Modified: 2024-11-21T08:22:36.407

Link: CVE-2023-42465

Redhat

Severity : Moderate

Publid Date: 2023-09-05T00:00:00Z

Links: CVE-2023-42465 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-42465", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T19:23:38.880Z", "dateReserved": "2023-09-11T00:00:00", "datePublished": "2023-12-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-18T03:06:16.859787"}, "descriptions": [{"lang": "en", "value": "Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.sudo.ws/releases/changelog/"}, {"url": "https://www.openwall.com/lists/oss-security/2023/12/21/9"}, {"url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f"}, {"url": "https://arxiv.org/abs/2309.02545"}, {"url": "https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15"}, {"name": "GLSA-202401-29", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202401-29"}, {"name": "FEDORA-2024-cdccda4f62", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ/"}, {"url": "https://security.netapp.com/advisory/ntap-20240208-0002/"}, {"name": "FEDORA-2024-6fa5af9ea8", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:23:38.880Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.sudo.ws/releases/changelog/", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2023/12/21/9", "tags": ["x_transferred"]}, {"url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f", "tags": ["x_transferred"]}, {"url": "https://arxiv.org/abs/2309.02545", "tags": ["x_transferred"]}, {"url": "https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15", "tags": ["x_transferred"]}, {"name": "GLSA-202401-29", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202401-29"}, {"name": "FEDORA-2024-cdccda4f62", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ/"}, {"url": "https://security.netapp.com/advisory/ntap-20240208-0002/", "tags": ["x_transferred"]}, {"name": "FEDORA-2024-6fa5af9ea8", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM/"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*", "matchCriteriaId": "0352673D-D618-41C1-BC9F-8B3582BC277E", "versionEndExcluding": "1.9.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit."}, {"lang": "es", "value": "Sudo anterior a 1.9.15 podr\u00eda permitir row hammer attacks (para eludir la autenticaci\u00f3n o escalar privilegios) porque la l\u00f3gica de la aplicaci\u00f3n a veces se basa en no igualar un valor de error (en lugar de igualar un valor de \u00e9xito) y porque los valores no resisten los cambios de un solo bit."}], "id": "CVE-2023-42465", "lastModified": "2024-11-21T08:22:36.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-22T16:15:08.057", "references": [{"source": "cve@mitre.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://arxiv.org/abs/2309.02545"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ/"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202401-29"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20240208-0002/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2023/12/21/9"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://www.sudo.ws/releases/changelog/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://arxiv.org/abs/2309.02545"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4Q23NHCKCLFIHSNY6KJ27GM7FSCEVXM/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6XMRUJCPII4MPWG43HTYR76DGLEYEFZ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202401-29"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20240208-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2023/12/21/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://www.sudo.ws/releases/changelog/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:0811", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "sudo-0:1.9.5p2-1.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:0811", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "sudo-0:1.9.5p2-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:0811", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "sudo-0:1.9.5p2-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:0811", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "sudo-0:1.9.5p2-10.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:0811", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "sudo-0:1.9.5p2-10.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:0811", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "sudo-0:1.9.5p2-7.el9_0.4", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:0811", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "sudo-0:1.9.5p2-9.el9_2.2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-02-14T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/cephcsi-rhel9:v4.15.0-37", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/mcg-core-rhel9:v4.15.0-68", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/mcg-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/mcg-rhel9-operator:v4.15.0-39", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-client-console-rhel9:v4.15.0-58", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-client-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-client-rhel9-operator:v4.15.0-13", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-metrics-exporter-rhel9:v4.15.0-81", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-rhel9-operator:v4.15.0-79", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-cli-rhel9:v4.15.0-22", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-console-rhel9:v4.15.0-57", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-cosi-sidecar-rhel9:v4.15.0-6", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-csi-addons-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-csi-addons-rhel9-operator:v4.15.0-15", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-csi-addons-sidecar-rhel9:v4.15.0-15", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-multicluster-console-rhel9:v4.15.0-54", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-multicluster-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-multicluster-rhel9-operator:v4.15.0-10", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-must-gather-rhel9:v4.15.0-26", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-rhel9-operator:v4.15.0-19", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odr-cluster-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odr-hub-operator-bundle:v4.15.0-158", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odr-rhel9-operator:v4.15.0-21", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:1383", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/rook-ceph-rhel9-operator:v4.15.0-103", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2024-03-19T00:00:00Z"}], "bugzilla": {"description": "sudo: Targeted Corruption of Register and Stack Variables", "id": "2255568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255568"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-1319", "details": ["Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.", "A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user."], "mitigation": {"lang": "en:us", "value": "In general to address this issue, it's crucial to implement robust logic that prevents unintended execution from a single-bit flip. \nBut mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-42465", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2023-09-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-42465\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-42465\nhttps://arxiv.org/pdf/2309.02545.pdf\nhttps://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f"], "statement": "\"Mayhem\" is a potent attack technique that focuses on the core components of computing systems, specifically the CPU internals and stack variables. This method signifies a noteworthy advancement in cyber threats, demonstrating a successful ability to tamper with a computer's memory and compromise both stack and register variables. Capitalizing on the well-known Rowhammer effect, wherein swift access to a DRAM row induces bit flips in neighboring rows, this clever attack exploits these bit flips to disrupt stack variables and manipulate register values within a given process. The manipulation is accomplished by targeting register values stored in the process's stack, which, once flushed out to memory, become vulnerable to Rowhammer attacks. When reloaded, these corrupted values cause chaos, compromising the integrity of the entire process. It's important to note that this attack is confined to the local system, leading us to categorize it as a moderate threat.", "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object