suse · CVE-2015-8239

Quick triage

Priority: medium Published: 2021-05-30 13:34:57 UTC Updated: 2025-04-22 23:47:07 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-8239 severity moderate: SUSE including 2 source package names (sudo, sudo-devel), 11 product×package rows across 10 product lines (SUSE Linux Enterprise Desktop 11 SP3, SUSE Linux Enterprise Desktop 11 SP4, … (10 product lines)): Known Not Affected 11.

Description:

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

cvelogic Threat Intelligence