CVE-2015-5602

Published: 17 November 2015

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt".

Priority

Medium

Status

Package Release Status
sudo
Upstream: Released (1.8.16)
Ubuntu 20.04 LTS (Focal Fossa): Not vulnerable (1.8.16-0ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver): Not vulnerable (1.8.16-0ubuntu1)
Ubuntu 16.04 ESM (Xenial Xerus): Not vulnerable (1.8.16-0ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr): Ignored

Patches:
Upstream: https://www.sudo.ws/repos/sudo/rev/33272418bb10
Upstream: https://www.sudo.ws/repos/sudo/rev/c2e36a80a279
Upstream: https://www.sudo.ws/repos/sudo/rev/b41c5b289f35
Upstream: https://www.sudo.ws/repos/sudo/rev/574e4a840879
Upstream: https://www.sudo.ws/repos/sudo/rev/3f559a389bf9
Upstream: https://www.sudo.ws/repos/sudo/rev/fe50d0c1f1b9

Notes

Author: mdeslaur
Note: Backporting the fix for this issue is risky, may introduce regressions, and will change behaviour for existing users, possibly preventing them from using their existing configuration.

For this reason, we will not be fixing this issue in stable releases.
