CVE-2023-7090 Information

Description

A flaw was found in sudo in the handling of ipa_hostname where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore it leads to privilege mismanagement vulnerability in applications where client hosts retain privileges even after retracting them.

Reference

https://access.redhat.com/security/cve/CVE-2023-7090 https://bugzilla.redhat.com/show_bug.cgi?id=2255723 https://www.sudo.ws/releases/legacy/#1.8.28