High-Severity Linux Sudo Flaw Allows Users To Make Origin Privileges

A high-severity vulnerability has been reported inward Linux that could locomote exploited yesteryear a depression privilege assaulter to hit amount root access on an affected system.

The vulnerability, identified every 2nd CVE-2017-1000367, was discovered yesteryear researchers at Qualys Security inward Sudo's "get_process_ttyname()" function for Linux that could allow a user alongside Sudo privileges to run commands every 2nd root or get upwards privileges to root.

Sudo, stands for "superuser do!," is a plan for Linux too UNIX operating systems that lets criterion users run specific commands every 2nd a superuser (aka root user), such every 2nd adding users or performing organisation updates.

The flaw genuinely resides inward the means Sudo parsed "tty" information from the procedure condition file inward the proc filesystem.

On Linux machines, sudo parses the /proc/[pid]/stat file inward guild to produce upwards one's request heed the device issue of the process's tty from patch vii (tty_nr), Qualys Security explains inward its alert on the sudo projection website reads. 

"This file volition locomote used every 2nd the command's criterion input, output too fault when an SELinux role is specified on the sudo ascendency line. If the symbolic link nether /dev/shm is replaced alongside a link to around other file earlier [sudo opens it], it is possible to overwrite an arbitrary file yesteryear writing to the criterion output or criterion error. This tin locomote escalated to amount root access yesteryear rewriting a trusted file such every 2nd /etc/shadow or fifty-fifty /etc/sudoers."

The vulnerability, which affects Sudo 1.8.6p7 through 1.8.20 too marked every 2nd high severity, has already been patched inward Sudo 1.8.20p1, too users are recommended to update their systems to the latest release.

Red Hat yesterday pushed out patches for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, too Red Hat Enterprise Linux Server. Debian has likewise released fixes for its Wheezy, Jessie too Sid releases too SUSE Linux has rolled out fixes for a issue of its products.

Qualys Security said it would lay out its Sudoer-to-root exploit i time a maximum issue of users accept had fourth dimension to while their systems against the flaw.

Share This :