VDB

GCVE-110-MAGEIA-2022-426

GCVE-110-MAGEIA-2022-426
Advisory Published
Vulnetix · Advisory published November 17, 2022
Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries, compiler, and processor architecture. (CVE-2022-43995)

Affected Products

VendorProductVersionsPlatforms
Mageiasudo0 (affected), 1.9.5p2-2.1.mga8 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›