CVE-2023-28339

EUVD-2023-32037
OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later.

| Provider | Type | Base Score | Attack Vector | Attack Complexity | Privileges Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 8.8 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| CISA-ADP | ADP | 8.8 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |

EPSS Score
Percentile: 29%
Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| opendoas_project | opendoas | ≤ 6.8.2 (vulnerable) |

Debian Releases

| Debian Product | Codename | Status |
|---|---|---|
| doas | bookworm | ignored |
| doas | bullseye | vulnerable |
| opendoas | bookworm | ignored |
| opendoas | bullseye | no-dsa |
| opendoas | sid | vulnerable |
| opendoas | trixie | vulnerable |

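Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| doas | bionic | dne |
| doas | focal | dne |
| doas | jammy | needs-triage |
| doas | kinetic | dne |
| doas | trusty | ignored |
| doas | xenial | ignored |
| opendoas | bionic | dne |
| opendoas | focal | dne |
| opendoas | jammy | dne |
| opendoas | kinetic | ignored |
| opendoas | lunar | ignored |
| opendoas | mantic | ignored |
| opendoas | noble | needs-triage |
| opendoas | oracular | needs-triage |
| opendoas | trusty | ignored |
| opendoas | xenial | ignored |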