Ubuthathaka (CVE-2023-22809) ichongiwe kwiphakheji ye-sudo, esetyenziselwa ukuququzelela ukuphunyezwa kwemiyalelo egameni labanye abasebenzisi, evumela umsebenzisi wendawo ukuba ahlele nayiphi na ifayile kwisistim, ethi, emva koko, ibavumele. ukufumana amalungelo engcambu ngokutshintsha /etc/shadow okanye inkqubo yeskripthi. Ukuxhaphaza ukuba sesichengeni kufuna ukuba umsebenzisi okwifayile ye-sudoers anikwe ilungelo lokusebenzisa into eluncedo ye-sudoedit okanye “sudo” nge-“-e” iflegi.
Ukuba sesichengeni kubangelwa kukunqongophala kokuphathwa ngokufanelekileyo kweempawu ze-“—” xa kucazululwa iinguqu zemo engqongileyo ezichaza inkqubo ebizwa ngokuba kukuhlela ifayile. Kwi-sudo, ulandelelwano "-" lusetyenziselwa ukwahlula umhleli kunye neengxoxo kuluhlu lweefayile ezihlelwayo. Umhlaseli unokongeza ulandelelwano "-ifayile" emva kwendlela yomhleli kwi-SUDO_EDITOR, VISUAL, okanye i-EDITOR yendalo eguquguqukayo, eya kuqalisa ukulungiswa kwefayile ekhankanyiweyo ngamalungelo aphakamileyo ngaphandle kokujonga imithetho yokufikelela kwifayile yomsebenzisi.
Ukuba sesichengeni kubonakala ukusuka kwisebe 1.8.0 kwaye kwalungiswa kuhlaziyo lolungiso sudo 1.9.12p2. Ukupapashwa kohlaziyo lwephakheji kunikezelo kunokulandelwa kumaphepha: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Arch, FreeBSD, NetBSD. Njengomsebenzi wokhuseleko, ungayekisa ukuqhubekeka kwe-SUDO_EDITOR, VISUAL kunye ne-EDITOR eziguquguqukayo zemekobume ngokuchaza kwi-sudoers: Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
umthombo: opennet.ru