CVE-2023-28339 Information

Description

OpenDoas through 6.8.2 when TIOCSTI is available allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later and can be made unavailable in the Linux kernel 6.2 and later.

Reference

https://github.com/Duncaen/OpenDoas/issues/106