mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Only allow a remote host to be specified when listing privileges.

Browse Source 
This fixes a bug where a user with sudoers privileges on a different
host could execute a command on the local host, even if the sudoers
file would not otherwise allow this.  CVE-2025-32462

Reported by Rich Mirch @ Stratascale Cyber Research Unit (CRU).
This commit is contained in:
Todd C. Miller 2025-04-01 09:24:51 -06:00
parent 51c3488100
commit d530367828
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
plugins/sudoers/sudoers.c
View File

@ -350,6 +350,18 @@ sudoers_check_common(struct sudoers_context *ctx, int pwflag)
time_t now; time_t now;
debug_decl(sudoers_check_common, SUDOERS_DEBUG_PLUGIN); debug_decl(sudoers_check_common, SUDOERS_DEBUG_PLUGIN);
/* The user may only specify a host for "sudo -l". */
if (!ISSET(ctx->mode, MODE_LIST|MODE_CHECK)) {
if (strcmp(ctx->runas.host, ctx->user.host) != 0) {
log_warningx(ctx, SLOG_NO_STDERR|SLOG_AUDIT,
N_("user not allowed to set remote host for command"));
sudo_warnx("%s",
U_("a remote host may only be specified when listing privileges."));
ret = false;
goto done;
}
}
/* If given the -P option, set the "preserve_groups" flag. */ /* If given the -P option, set the "preserve_groups" flag. */
if (ISSET(ctx->mode, MODE_PRESERVE_GROUPS)) if (ISSET(ctx->mode, MODE_PRESERVE_GROUPS))
def_preserve_groups = true; def_preserve_groups = true;