From 30a38f0d28dbdc9da30e3d63d94a68ef48ac1041 Mon Sep 17 00:00:00 2001
From: dalianpanzi
Date: Fri, 7 Apr 2023 07:00:29 +0000
Subject: [PATCH 1/4] add cve/sudo/2023/CVE-2023-26604/README.md.
Signed-off-by: dalianpanzi
---
 cve/sudo/2023/CVE-2023-26604/README.md | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 cve/sudo/2023/CVE-2023-26604/README.md
diff --git a/cve/sudo/2023/CVE-2023-26604/README.md b/cve/sudo/2023/CVE-2023-26604/README.md
new file mode 100644
index 00000000..1433f493
--- /dev/null
+++ b/cve/sudo/2023/CVE-2023-26604/README.md
@@ -0,0 +1,2 @@
+# CVE-2023-26604
+Checker for CVE-2023-26604
\ No newline at end of file
-- 
Gitee
From e44087d83e484c586ffad5cd5a5b4079532bc819 Mon Sep 17 00:00:00 2001
From: dalianpanzi
Date: Fri, 7 Apr 2023 07:01:15 +0000
Subject: [PATCH 2/4] add cve/sudo/2023/CVE-2023-26604/checker.sh.
Signed-off-by: dalianpanzi
---
 cve/sudo/2023/CVE-2023-26604/checker.sh | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 cve/sudo/2023/CVE-2023-26604/checker.sh
diff --git a/cve/sudo/2023/CVE-2023-26604/checker.sh b/cve/sudo/2023/CVE-2023-26604/checker.sh
new file mode 100644
index 00000000..3b1feecc
--- /dev/null
+++ b/cve/sudo/2023/CVE-2023-26604/checker.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+version=$(systemd --version | awk -F " " '{print $2}'| awk -F "+" '{print $1}')
+
+if (($version < "247")) then
+ echo 'Vulnerable'
+else
+ echo 'Not vulnerable'
+fi
-- 
Gitee
From bb8cd71a6e37d5e5eb494b80aa0f4797b34a04c4 Mon Sep 17 00:00:00 2001
From: dalianpanzi
Date: Fri, 7 Apr 2023 07:08:08 +0000
Subject: [PATCH 3/4] add cve/sudo/2023/yaml/CVE-2023-26604.yaml.
Signed-off-by: dalianpanzi
---
 cve/sudo/2023/yaml/CVE-2023-26604.yaml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 cve/sudo/2023/yaml/CVE-2023-26604.yaml
diff --git a/cve/sudo/2023/yaml/CVE-2023-26604.yaml b/cve/sudo/2023/yaml/CVE-2023-26604.yaml
new file mode 100644
index 00000000..6b534f59
--- /dev/null
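Review bot: The version test `if (($version < "247")) then` in checker.sh uses bash-only `(( ))` arithmetic under a `#!/bin/sh` shebang, so on a host where /bin/sh is a POSIX shell such as dash the test will most likely fail as a command and the script drops into the `else` branch and prints 'Not vulnerable'. The same fail-open path is taken when `systemd --version` produces nothing (the `systemd` binary is often not on PATH, while `systemctl --version` reports the same number), because an empty `$version` also makes the test error out. For a checker, an error must never read as a clean result: validate that `$version` is numeric, report 'Unknown' with a non-zero exit otherwise, and compare with the POSIX form `[ "$version" -lt 247 ]`. A version-only answer may also disagree with distribution packages that backported the fix, which is worth one sentence in the README.

```shell
# systemctl is on PATH on systemd hosts; the systemd binary itself often is not.
version=$(systemctl --version 2>/dev/null | awk 'NR == 1 { sub(/[^0-9].*/, "", $2); print $2 }')

# Fail closed: an empty or non-numeric version must not fall through to 'Not vulnerable'.
case "$version" in
    ''|*[!0-9]*)
        echo 'Unknown: could not determine systemd version' >&2
        exit 2
        ;;
esac

if [ "$version" -lt 247 ]; then
# … unchanged: the 'Vulnerable' / 'Not vulnerable' branches and fi …
```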
+++ b/cve/sudo/2023/yaml/CVE-2023-26604.yaml
@@ -0,0 +1,20 @@
+id: CVE-2023-26604
+source: https://github.com/Zenmovie/CVE-2023-26604
+info:
+ name: Sudo 是一个用于类 Unix 计算机操作系统的程序,它能够使用户能够以另一个用户(默认是超级用户)的安全权限运行程序。sudoedit 功能用于以另外一个用户身份编辑文件。
+ severity: high
+ description:
+ 在247之前的systemd不能充分阻止某些Sudo配置的本地特权升级,例如,可能会在其中执行“systemctl status”命令的sudoers文件。具体来说,systemd没有将LESSSECURE设置为1,因此其他程序可能会从less程序启动。当从Sudo运行systemctl时,这会带来很大的安全风险,因为当终端大小太小而无法显示完整的systemctl输出时,less会作为root执行。
+ scope-of-influence:
+ systemd before 247
+ references:
+ - https://nvd.nist.gov/vuln/detail/cve-2023-26604
+ classification:
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
+ cve-id: CVE-2023-26604
+ cwe-id: NVD-CWE-noinfo
+ cnvd-id: None
+ kve-id: None
+ tags:
+ - systemd, systemctl status
\ No newline at end of file
-- 
Gitee
From 9b4e10e3d7fd4fff970af2b48c559ca9c334f0a6 Mon Sep 17 00:00:00 2001
From: dalianpanzi
Date: Fri, 7 Apr 2023 07:09:41 +0000
Subject: [PATCH 4/4] update openkylin_list.yaml.
Signed-off-by: dalianpanzi
---
 openkylin_list.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index 7128c8a6..33b4c94e 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -75,6 +75,7 @@ cve:
 - CVE-2019-18634
 - CVE-2021-3156
 - CVE-2023-22809
+ - CVE-2023-26604
 gitlab:
 - CVE-2020-10977
 - CVE-2021-22205
-- 
Gitee
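Review bot: `info.name` in the new CVE-2023-26604.yaml record describes Sudo and its sudoedit feature, while the `description` and `scope-of-influence` fields place the flaw in systemd before 247 (less started as root when `systemctl status` is run through sudo), so the name text looks carried over from another sudo entry and should describe systemd instead. The `tags` list holds a single string, `- systemd, systemctl status`, which a consumer will read as one tag; two items, `- systemd` and `- systemctl status`, would match what the description covers. The record also sits under `cve/sudo/`, so anyone triaging by component will file it against sudo; if the directory layout is fixed, a sentence in the description naming systemd as the package to upgrade would avoid that.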