CVE-2023-27320
7.2HIGHSudo before 1.9.13p2 has a double free in the per-command chroot feature.
Published: 2/28/2023Updated: 3/21/2025
Description
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
AI AnalysisPowered by AI
Affected Products
sudo_projectsudo
sudo_projectsudo
1.9.13
sudo_projectsudo
1.9.13
fedoraprojectfedora
36
fedoraprojectfedora
37
fedoraprojectfedora
38
References
- http://www.openwall.com/lists/oss-security/2023/03/01/8Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/332KN4QI6QXB7NI7SWSJ2EQJKWIILFN6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLXMRAMXC3BYL4DNKVTK3V6JDMUXZ7B/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6VW24YGXJYI4NZ5HZPQCF4MCE7766AU/
- https://security.gentoo.org/glsa/202309-12Third Party Advisory
- https://security.netapp.com/advisory/ntap-20230413-0009/Third Party Advisory
- https://www.openwall.com/lists/oss-security/2023/02/28/1ExploitMailing ListThird Party Advisory
- https://www.sudo.ws/releases/stable/#1.9.13p2Release Notes
- http://www.openwall.com/lists/oss-security/2023/03/01/8Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/332KN4QI6QXB7NI7SWSJ2EQJKWIILFN6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLXMRAMXC3BYL4DNKVTK3V6JDMUXZ7B/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6VW24YGXJYI4NZ5HZPQCF4MCE7766AU/
- https://security.gentoo.org/glsa/202309-12Third Party Advisory
- https://security.netapp.com/advisory/ntap-20230413-0009/Third Party Advisory
- https://www.openwall.com/lists/oss-security/2023/02/28/1ExploitMailing ListThird Party Advisory
- https://www.sudo.ws/releases/stable/#1.9.13p2Release Notes