High severity7.0NVD Advisory· Published Oct 10, 2017· Updated May 13, 2026

CVE-2015-8239

Description

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
www.sudo.ws/repos/sudo/rev/0cd3cc8fa195nvdIssue TrackingPatchThird Party Advisory
www.sudo.ws/repos/sudo/rev/24a3d9215c64nvdIssue TrackingPatchThird Party Advisory
www.sudo.ws/repos/sudo/rev/397722cdd7ecnvdIssue TrackingPatchThird Party Advisory
www.openwall.com/lists/oss-security/2015/11/18/22nvdMailing ListThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000