Red Hat, Debian and other Linux distributions yesterday pushed out patches for a high-severity vulnerability in sudo that could be abused by a local attacker to gain root privileges.
Sudo is a program for Linux and UNIX systems that allows standard users to run specific commands as a superuser, such as adding users or performing system updates.
In this case, researchers at Qualys found a vulnerability in sudo’s get_process_ttyname function that allows a local attacker with sudo privileges to run commands as root or elevate privileges to root.
An alert on the sudo project website says SELinux must be enabled and sudo built with SELinux support for the vulnerability to be triggered. Sudo 1.8.6p7 through 1.8.20 are affected. Users should update sudo to 1.8.20p1.
Submitted by: Arnfried Walbrecht
Comments are closed.