There is a severe vulnerability in famous sudo tool. The vulnerability is due to a bug in the programming of this tool that allows any user who has a session in the shell (even with SELinux enabled) to escalate privileges to become root. The problem lies in the malfunction of sudo parsing the content of / proc / [PID] / stat when trying to determine the terminal.
The bug discovered is specifically in the call get_process_ttyname () sudo for Linux, which is the one that opens the previously mentioned directory to read the device number tty for the tty_nr field. This vulnerability cataloged as CVE-2017-1000367 could be exploited to gain system privileges, as I said, so it is quite critical and affects many well-known and important distributions. But don't be scared either, now we tell you how to protect yourself ...
Well, the affected distributions are:
- Red Hat Enterprise Linux 6, 7 and Server
- Oracle Enterprise 6, 7 and Server
- CentOS Linux 6 and 7
- Debian Wheezy, Jessie, Stretch, Sid
- Ubuntu 14.04 LTS, 16.04 LTS, 16.10 and 17.04
- SuSE LInux Enterpsrise Software Development Kit 12-SP2, Server for Raspberry Pi 12-SP2, Server 12-SP2 and Desktop 12-SP2
- OpenSuSE
- Slackware
- Gentoo
- Arch Linux
- Fedora
Therefore, you must patch or update your system ASAP if you have one of these systems (or derivatives):
- For Debian and derivatives (Ubuntu, ...):
sudo apt update sudo apt upgrade
- For RHEL and derivatives (CentOS, Oracle, ...):
sudo yum update
- In Fedora:
sudo dnf update
- SuSE and derivatives (OpenSUSE, ...):
sudo zypper update
ArchLinux:
sudo pacman -Syu
- Slackware:
upgradepkg sudo-1.8.20p1-i586-1_slack14.2.txz
- Gentoo:
emerge --sync emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p1"
Which one would be used for Archlinux and earlier?
Hello,
There was an error inserting the code. Now you can see it.
Greetings and thanks for advising.
Hello:
Well for arch and derivatives sudo pacman -Syyu
Greetings.
So that's why sudo was updated ... anyway, the risky thing is the fact that it is not known who, apart from the one who has now the bug, who else knew. And that can be risky.