CVE-2023-27320
published 2023-02-28CVE-2023-27320: Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | sudo | < sudo 1.9.13p3-1 (bookworm) | sudo 1.9.13p3-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | cbl2_sudo_1.9.13p3-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_sudo_1.9.13p3-1_on_cbl_mariner_1.0 | — | — |
| sudo_project | sudo | — | — |
| sudo_project | sudo | >= 0 < 1.9.13p3-1 | 1.9.13p3-1 |
| sudo_project | sudo | >= 0 < 1.9.13p3-1 | 1.9.13p3-1 |
| sudo_project | sudo | >= 0 < 1.9.13p3-1 | 1.9.13p3-1 |
| sudo_project | sudo | >= 1.9.8 < 1.9.13 | 1.9.13 |
CVSS provenance
nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
osv7.2HIGH