Description
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
Exploits (1)
nomisec
WORKING POC
by justinsteven · poc
https://github.com/justinsteven/sudo_digest_toctou_poc_CVE-2015-8239
References (5)
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://www.sudo.ws/repos/sudo/rev/397722cdd7ec
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://www.sudo.ws/repos/sudo/rev/0cd3cc8fa195
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1283635
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/11/18/22
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://www.sudo.ws/repos/sudo/rev/24a3d9215c64
Scores
CVSS v3: 7.0
EPSS: 0.0088
EPSS Percentile: 75.4%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-362
Status: published
Products (7)
sudo_project/sudo 1.8.8 (5 CPE variants)
sudo_project/sudo 1.8.9 (10 CPE variants)
sudo_project/sudo 1.8.10 (11 CPE variants)
sudo_project/sudo 1.8.11 (9 CPE variants)
sudo_project/sudo 1.8.12 (6 CPE variants)
sudo_project/sudo 1.8.13 (7 CPE variants)
sudo_project/sudo 1.8.14 (2 CPE variants)
Published: Oct 10, 2017
Tracked Since: Feb 18, 2026