Linux vulnerability (sudo) enables users to obtain root privileges

A critical Linux vulnerability has been discovered by researchers at Qualys, the vulnerability (CVE-2017-1000367) could be exploited by a low privileged user to gain full root access on a vulnerable system.The high severity flaw allows local users with privileges to execute commands via Sudo and could end in the user being able to escalate their privileges to root.

The high severity flaw allows local users with privileges to execute commands via Sudo and could end in the user being able to escalate their privileges to root. Sudo is a program for Linux and UNIX systems that enables regular users to run specific commands as a superuser, such as adding users or performing system updates.

Sudo is a program for Linux and UNIX systems that enables regular users to run specific commands as a superuser, such as adding users or performing system updates.”On Linux systems,

“On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process’s tty (field 7). The fields in the file are space-delimited, but it is possible for the command name (field 2) to include white space (including newline), which sudo does not account for,” the sudo advisory said. “A user with sudo privileges can cause sudo to use a device number of the user’s choosing by creating a symbolic link from the sudo binary to a name that contains a space, followed by a number.””If SELinux is enabled on the system and

“If SELinux is enabled on the system and sudo was built with SELinux support, a user with sudo privileges may be able to to overwrite an arbitrary file. This can be escalated to full root access by rewriting a trusted file such as /etc/shadow or even /etc/sudoers.”

The Linux vulnerability affects Sudo 1.8.6p7 through 1.8.20 inclusive. The flaw has been fixed in sudo 1.8.20p1.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Microsoft Fixed 100+ Vulnerabilities With October Patch Tuesday