RHSA-2023:0291: Important: sudo security update
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.Security Fix(es): sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2023:0291?
RHSA-2023:0291 is classified as a critical vulnerability.
How do I fix RHSA-2023:0291?
To fix RHSA-2023:0291, you should update the sudo package to version 1.8.23-10.el7_9.3 or later.
What packages are affected by RHSA-2023:0291?
The affected packages include sudo, sudo-debuginfo, and sudo-devel versions before 1.8.23-10.el7_9.3.
What issues does RHSA-2023:0291 address?
RHSA-2023:0291 addresses arbitrary file overwrite vulnerabilities in the sudo utility.
Who is affected by RHSA-2023:0291?
System administrators using vulnerable versions of sudo are at risk from RHSA-2023:0291.