CVE-2023-28339

OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 8.8 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| mitre | CNA | --- | | | | --- |
| CVE | ADP | --- | | | | --- |
| CISA-ADP | ADP | 8.8 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Base Score: CVSS 3.x (see table above)
EPSS Score: Percentile 27%
| Vendor | Product | Version |
|---|---|---|
| opendoas_project | opendoas | ≤ 6.8.2 (vulnerable) |

Versions marked "vulnerable" are the affected software versions.
Debian Releases

| Debian Product | Codename | Status |
|---|---|---|
| doas | bullseye | vulnerable |
| doas | bookworm | ignored |
| opendoas | sid | vulnerable |
| opendoas | trixie | vulnerable |
| opendoas | bookworm | ignored |
| opendoas | bullseye | no-dsa |
Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| doas | kinetic | dne |
| doas | jammy | needs-triage |
| doas | focal | dne |
| doas | bionic | dne |
| doas | xenial | ignored |
| doas | trusty | ignored |
| opendoas | oracular | needs-triage |
| opendoas | noble | needs-triage |
| opendoas | mantic | ignored |
| opendoas | lunar | ignored |
| opendoas | kinetic | ignored |
| opendoas | jammy | dne |
| opendoas | focal | dne |
| opendoas | bionic | dne |
| opendoas | xenial | ignored |
| opendoas | trusty | ignored |