Security Advisory Details

NS-SA-2023-0075

2023-05-29 09:41:11

Summary

important: sudo/rsyslog security update

Severity

important

Topic

An update for sudo/rsyslog is now available for NewStart CGSL MAIN 6.02.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Detailed Description

sudo: Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per-host basis, copious logging of each command (providing a clear audit trail of who did what), a configurable timeout of the sudo command, and the ability to use the same configuration file (sudoers) on many different machines.
rsyslog: Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained output format control. Its TCP reception modules (imtcp, imptcp) accept syslog messages over the network, which is the code path affected by the flaw below.


Security Fix(es):
sudo: Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains an array out-of-bounds error in plugins/sudoers/auth/passwd.c that can result in a heap-based buffer over-read. It can be triggered by any local user permitted to run sudo by entering a password of seven characters or fewer. The impact varies with the system libraries, compiler, and processor architecture. Note that the CGSL package is based on sudo 1.8.29, which falls inside the affected range, so the fix is shipped as a backport in the package release listed below. (CVE-2022-43995)
sudo: bugfix
rsyslog: A flaw was found in rsyslog's TCP reception modules. An attacker who can reach a TCP syslog listener can craft a malicious message that triggers a heap-based buffer overflow, allowing them to corrupt or read data in memory, leading to a denial of service of rsyslog or possibly to remote code execution. (CVE-2022-24903)
rsyslog: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Note that the build tag for this update is 6.02.D0B5.

Affected Components

  • sudo
  • rsyslog

Affected Products

  • CGSL MAIN 6.02

Update Packages

{
  "fix": [
    {
      "product": "CGSL MAIN 6.02",
      "pkgs": [
        {
          "binary": [
            "sudo-1.8.29-6.el8_3.1.cgslv6_2.7.g025ad3f.x86_64.rpm"
          ],
          "source": "sudo-1.8.29-6.el8_3.1.cgslv6_2.7.g025ad3f.src.rpm"
        },
        {
          "binary": [
            "rsyslog-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.x86_64.rpm",
            "rsyslog-mmjsonparse-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.x86_64.rpm"
          ],
          "source": "rsyslog-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.src.rpm"
        }
      ]
    }
  ]
}
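To check whether a CGSL MAIN 6.02 host already carries the fixed packages, the following added example (it is not part of this advisory and not NewStart's own tooling) parses the update-package JSON above, extracts name, version, release and architecture from each binary RPM filename, and compares them against installed package strings using a simplified reimplementation of rpm's version comparison (tilde handled, caret not). The installed package list embedded in the block is constructed sample data; on a real host you would feed it the output of `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'`, either on stdin or as a file path argument.

```python
import json
import re
import sys

# Copy of the "fix" object published in this advisory (NS-SA-2023-0075).
ADVISORY_JSON = ('{"fix":[{"product":"CGSL MAIN 6.02","pkgs":['
                 '{"binary":["sudo-1.8.29-6.el8_3.1.cgslv6_2.7.g025ad3f.x86_64.rpm"],'
                 '"source":"sudo-1.8.29-6.el8_3.1.cgslv6_2.7.g025ad3f.src.rpm"},'
                 '{"binary":["rsyslog-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.x86_64.rpm",'
                 '"rsyslog-mmjsonparse-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.x86_64.rpm"],'
                 '"source":"rsyslog-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.src.rpm"}]}]}')

# Constructed sample of what `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'`
# might print on a host that has not yet installed this update: sudo and rsyslog
# are one release behind, rsyslog-mmjsonparse is already current, bash is unrelated.
SAMPLE_INSTALLED = """\
sudo-1.8.29-6.el8_3.1.cgslv6_2.6.g0a1b2c3.x86_64
rsyslog-8.2102.0-7.el8_6.1.cgslv6_2.0.gdeadbee.x86_64
rsyslog-mmjsonparse-8.2102.0-7.el8_6.1.cgslv6_2.1.g129a9e8.x86_64
bash-4.4.20-4.el8_6.x86_64
"""

_SEGMENT = re.compile(r"\d+|[A-Za-z]+|~")


def rpmvercmp(a: str, b: str) -> int:
    """Simplified rpmvercmp: -1 if a is older than b, 0 if equal, 1 if newer.

    Strings are split into numeric and alphabetic runs; numeric segments are
    compared as integers, alphabetic ones lexically, a numeric segment beats an
    alphabetic one, and '~' sorts before anything (pre-release marker).
    """
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":
            if x == y:
                continue
            return -1 if x == "~" else 1
        if x.isdigit() and y.isdigit():
            c = (int(x) > int(y)) - (int(x) < int(y))
        elif x.isdigit():
            c = 1
        elif y.isdigit():
            c = -1
        else:
            c = (x > y) - (x < y)
        if c:
            return c
    if len(sa) == len(sb):
        return 0
    # Common prefix equal: the longer string is newer unless its extra part is a tilde.
    a_longer = len(sa) > len(sb)
    rest = sa[len(sb):] if a_longer else sb[len(sa):]
    if rest[0] == "~":
        return -1 if a_longer else 1
    return 1 if a_longer else -1


def compare_vr(installed, fixed) -> int:
    """Compare (version, release) tuples the way rpm does: version first, then release."""
    c = rpmvercmp(installed[0], fixed[0])
    return c if c else rpmvercmp(installed[1], fixed[1])


def parse_nvra(s: str):
    """'name-version-release.arch' (optionally ending in .rpm) -> (name, version, release, arch)."""
    if s.endswith(".rpm"):
        s = s[:-4]
    nvr, arch = s.rsplit(".", 1)
    name, version, release = nvr.rsplit("-", 2)  # names may contain hyphens
    return name, version, release, arch


def fixed_packages(advisory_json: str, product: str) -> dict:
    """Map (name, arch) -> (version, release) of the fixed binaries for one product."""
    fixed = {}
    for entry in json.loads(advisory_json)["fix"]:
        if entry["product"] != product:
            continue
        for pkg in entry["pkgs"]:
            for rpm in pkg["binary"]:
                name, version, release, arch = parse_nvra(rpm)
                fixed[(name, arch)] = (version, release)
    return fixed


def audit(installed_text: str, advisory_json: str, product: str = "CGSL MAIN 6.02") -> dict:
    """Return {package name: 'ok' | 'needs update'} for installed packages this advisory covers."""
    fixed = fixed_packages(advisory_json, product)
    report = {}
    for line in installed_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            name, version, release, arch = parse_nvra(line)
        except ValueError:
            continue  # not an NVRA string; ignore
        want = fixed.get((name, arch))
        if want is None:
            continue  # package not covered by this advisory
        report[name] = "ok" if compare_vr((version, release), want) >= 0 else "needs update"
    return report


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_INSTALLED
    for pkg_name, status in sorted(audit(text, ADVISORY_JSON).items()):
        print(f"{pkg_name}: {status}")
```

With the constructed sample, the audit reports sudo and rsyslog as needing the update and rsyslog-mmjsonparse as already current; a package that is not listed in the advisory is simply not reported. A newer installed release than the advisory's (for example from a later NewStart advisory) is reported as ok, since the comparison is "at least the fixed version", not equality.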

CVE

References