Vulnerability in sudo allows modifying any file on the system

A vulnerability (CVE-2023-22809) has been identified in the sudo package, which is used to run commands on behalf of other users. It allows a local user to edit any file on the system, which in turn makes it possible to gain root privileges by changing /etc/shadow or system scripts. Exploiting the vulnerability requires that the sudoers file grant the user the right to run the sudoedit utility or "sudo" with the "-e" flag.

The vulnerability is caused by the lack of proper handling of the "--" characters when parsing the environment variables that define the program called to edit a file. In sudo, the "--" sequence separates the editor and its arguments from the list of files being edited. An attacker can append the sequence "-- file" after the editor path in the SUDO_EDITOR, VISUAL, or EDITOR environment variable, which starts editing of the specified file with elevated privileges without checking the user's file access rules.

The vulnerability has been present since the 1.8.0 branch and is fixed in the sudo 1.9.12p2 update. The release of package updates in distributions can be tracked on these pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Arch, FreeBSD, NetBSD. As a security workaround, you can disable processing of the SUDO_EDITOR, VISUAL and EDITOR environment variables by specifying the following in sudoers:

    Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
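
The checks described above can be scripted for an audit. The following is an added example, not code from the original article or from the sudo project: it tests a sudo version string against the upstream range given here, flags editor variables that carry a "--" argument, and looks for the workaround line in sudoers text. The function names and sample inputs are assumptions constructed for illustration.

```python
import re
import shlex

EDITOR_VARS = ("SUDO_EDITOR", "VISUAL", "EDITOR")
FIRST_AFFECTED = (1, 8, 0, 0)   # 1.8.0, per the article
FIXED = (1, 9, 12, 2)           # 1.9.12p2, per the article

def parse_sudo_version(text):
    """Turn '1.9.12p2' or 'Sudo version 1.8.31' into a comparable tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if m is None:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def is_affected(version_text):
    """Upstream range only; distro packages may carry a backported fix."""
    return FIRST_AFFECTED <= parse_sudo_version(version_text) < FIXED

def suspicious_editor_vars(env):
    """Names of editor variables whose value contains a bare '--' argument."""
    hits = []
    for name in EDITOR_VARS:
        value = env.get(name, "")
        try:
            args = shlex.split(value)
        except ValueError:          # unbalanced quotes: fall back to whitespace
            args = value.split()
        if "--" in args:
            hits.append(name)
    return hits

def has_workaround(sudoers_text):
    """True if a Defaults!sudoedit env_delete line strips all three variables."""
    pattern = r'^\s*Defaults\s*!\s*sudoedit\s+env_delete\s*\+?=\s*"([^"]*)"'
    for line in sudoers_text.splitlines():
        m = re.match(pattern, line)
        if m and set(EDITOR_VARS) <= set(m.group(1).split()):
            return True
    return False

if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real system.
    env = {"EDITOR": "vim -- /path/to/file", "VISUAL": "nano -w"}
    sudoers = 'Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"\n'
    print("affected 1.9.5p2:", is_affected("Sudo version 1.9.5p2"))
    print("flagged variables:", suspicious_editor_vars(env))
    print("workaround present:", has_workaround(sudoers))
```

The version test reflects only the upstream range stated above, so a distribution package with a backported fix can still report an older version number.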

Source: opennet.ru
