OSV-2023-106

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/sudoers/OSV-2023-106.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-106

Published

2023-02-24T13:02:18.928195Z

Modified

2023-02-28T00:23:22.122155Z

Summary

UNKNOWN WRITE in sudo_lbuf_append_quoted_v1

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56278

Crash type: UNKNOWN WRITE
Crash state:
sudo_lbuf_append_quoted_v1
sudoers_format_member_int
sudoers_format_member_int

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56278

Affected packages

OSS-Fuzz / sudoers

Package

Name: sudoers
Purl: pkg:generic/sudoers

Affected ranges

Type: GIT
Repo: https://github.com/sudo-project/sudo
Events: Introduced

dc9ef690216fc95d0bfafa344a2cfb936bfaf513

Fixed

0be5a5191852ec50f96b6a759ce5b2e17ed0aab5

Fixed

ea2f22bc9ac854cefa9e29c2324562c0f066b7ff

Affected versions

Other

SUDO_1_9_1

SUDO_1_9_10

SUDO_1_9_11

SUDO_1_9_11p1

SUDO_1_9_11p2

SUDO_1_9_11p3

SUDO_1_9_12

SUDO_1_9_12p1

SUDO_1_9_12p2

SUDO_1_9_13

SUDO_1_9_13p1

SUDO_1_9_2

SUDO_1_9_3

SUDO_1_9_3p1

SUDO_1_9_4

SUDO_1_9_4p1

SUDO_1_9_4p2

SUDO_1_9_5

SUDO_1_9_5p1

SUDO_1_9_5p2

SUDO_1_9_6

SUDO_1_9_6p1

SUDO_1_9_7

SUDO_1_9_7p1

SUDO_1_9_7p2

SUDO_1_9_8

SUDO_1_9_8p1

SUDO_1_9_8p2

SUDO_1_9_9

Ecosystem specific

{
    "severity": "HIGH"
}