Researchers uncover a 10-year old vulnerability in Linux

TL;DR

Security researchers at Qualys, the cloud security firm, have uncovered a 10-year old vulnerability in Sudo, a utility included in almost all Linux and Unix-based operating systems. The vulnerability allows any unprivileged user to gain access to root privileges on a vulnerable host using a default Sudo configuration.

The vulnerability may enable a malicious user to execute custom code on the host with root privileges
The vulnerability may enable a malicious user to execute custom code on the host with root privileges
Key Facts
  1. 1

    Sudo is a utility that allows users to run programs with the security privileges of another user. The vulnerability in Sudo was first introduced in July 2011 and affected all versions from 1.8.2 to 1.8.31p2, and the default configuration of all stable versions from 1.9.0 to 1.9.5p1.

  2. 2

    Qualys security researchers were able to identify the vulnerability and develop various ways to exploit it to gain full root privileges on Ubuntu 20.04, Debian 10, and Fedora 33. Likely, other operating systems can also be exploited.

  3. 3

    A bug in the Sudo code, related to the sudoedit command, allows you to avoid the escape characters and overflow the heap-based buffer through a command-line argument that ends with a single backslash character.

  4. 4

    According to Qualys, Sudo v1.9.5p2, a new version of Sudo, has been created to patch the problem.

  5. 5

    Two Sudo security flaws CVE-2019-14287 and CVE-2019-18634, have been discovered in the past two years. However, the vulnerability disclosed recently is considered the most damaging.

Details

As per the Qualys report, the buffer overflow vulnerability allows the attacker to control the size of the buffer and control the contents of the overflow itself. The vulnerability may enable a malicious user to execute custom code on the host with root privileges. It is also possible for the attacker to write null bytes to the overflowed buffer.

According to Qualys, to test if a system is vulnerable or not, you may log in to the system as a non-root user. Then run the command “sudoedit -s /”. If the system responds with an error that starts with “sudoedit:”, your system is vulnerable. If it has been patched, it will respond with an error that starts with “usage:”

A new version of Sudo - Sudo v1.9.5p2 - has been created to patch the problem. Notifications for the same have been posted for many Linux distros, including Fedora, Debian, Ubuntu, Gentoo, and SUSE, according to Qualys.

Get similar sotries in your inbox weekly, for free

Is this news interesting? Share it with your followers
AllEbooksFBADSquare.png
Learn Cloud Native Technologies

Learn by doing. Check our discounts!

DevOps-and-Alt-Cloud-350x350.png
DevOps and the Alternative Cloud Research Report

Insights into the capabilities developers expect from cloud infrastructure providers

The DevOps FaunCast.png
Listen to the stories behind the stories and learn new things each week

The DevOps FAUNCast

linode2.jpg
The Cloud Computing Golden Ratio

Discover the golden ratio of price to performance

FAUN.png
The all-in-one cloud security platform for developers

Try Bridgecrew for free!

Content Marketing Platform for Cloud Native Companies
Sponsor The Chief I/O

Get in touch!

AllEbooksFBADSquare.png

Learn Cloud Native Technologies
Learn by doing. Check our discounts!

DevOps-and-Alt-Cloud-350x350.png

DevOps and the Alternative Cloud Research Report
Insights into the capabilities developers expect from cloud infrastructure providers

The DevOps FaunCast.png

Listen to the stories behind the stories and learn new things each week
The DevOps FAUNCast

linode2.jpg

The Cloud Computing Golden Ratio
Discover the golden ratio of price to performance

FAUN.png

The all-in-one cloud security platform for developers
Try Bridgecrew for free!

Content Marketing Platform for Cloud Native Companies

Sponsor The Chief I/O
Get in touch!

Top news this week
OpenAI Codex has a superior understanding of popular coding methods.

Github Copilot: Microsoft's Advanced Investment in Automatic Coding

CodeGuru Reviewer comes in at the beginning of software production, while the latter comes in during operation

Code Quality and Security Ensured With CI/CD Experience for Github Actions

Nvidia expended 80 top drawer AI software A100 graphics card, the DGX A100 to Cambridge-1

NVIDIA Takes AI Initiative With a Supercomputer To Support UK Healthcare

Training and optimizing a machine learning model - a very demanding task, has now become simplified.

IBM Launches Codeflare, An Open Source Machine Learning Workflow Catalyst

The average figure for the number of Kubernetes clusters constantly in production is 2.5%.

Cloud-Native Report 2021 Elucidates Kubernetes Challenges

This new version comes with a bag of new advancements that delivers functions that are not on the old versions.

Kubernetes: Lens 5.0 Delivers Cloud in 4k

With it is a bulky stack of automation tools that support multi-vendor software-based networking.

IBM Launches AI-Powered Automation Software

Free guides & whitepapers
CFX BG.jpg

Leading Healthcare Provider in the US gets real-time visibility with CloudFabrix AIOps 2.0

Istio - This is what you need to know

Istio - This is what you need to know

Kubernetes 101

Kubernetes 101

The Guide To Kubernetes

Kubernetes For The Busy Developer