Ubuntu Security Notice USN-5811-1
Ubuntu Security Notice 5811-1 - Matthieu Barjole and Victor Cutillas
discovered that Sudo incorrectly handled user-specified editors when using
the sudoedit command. A local attacker that has permission to use the
sudoedit command could possibly use this issue to edit arbitrary files. It
was discovered that the Protobuf-c library, used by Sudo, incorrectly
handled certain arithmetic shifts. An attacker could possibly use this
issue to cause Sudo to crash, resulting in a denial of service. This issue
only affected Ubuntu 22.04 LTS.
https://packetstormsecurity.com/files/170597/USN-5811-1.txt
Thu, 19 Jan 2023 16:00:13 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com