There is a severe vulnerability in famous sudo tool. The vulnerability is due to a bug in the programming of this tool that allows any user who has a session in the shell (even with SELinux enabled) to escalate privileges to become root. The problem lies in the malfunction of sudo parsing the content of / proc / [PID] / stat when trying to determine the terminal.
The bug discovered is specifically in the call get_process_ttyname () sudo for Linux, which is the one that opens the previously mentioned directory to read the device number tty for the tty_nr field. This vulnerability cataloged as CVE-2017-1000367 could be exploited to gain system privileges, as I said, so it is quite critical and affects many well-known and important distributions. But don't be scared either, now we tell you how to protect yourself ...
Well, the affected distributions are:
- Red Hat Enterprise Linux 6, 7 and Server
- Oracle Enterprise 6, 7 and Server
- CentOS Linux 6 and 7
- Debian Wheezy, Jessie, Stretch, Sid
- Ubuntu 14.04 LTS, 16.04 LTS, 16.10 and 17.04
- SuSE LInux Enterpsrise Software Development Kit 12-SP2, Server for Raspberry Pi 12-SP2, Server 12-SP2 and Desktop 12-SP2
- OpenSuSE
- Slackware
- Gentoo
- Arch Linux
- Fedora
Therefore, you must patch or update your system ASAP if you have one of these systems (or derivatives):
- For Debian and derivatives (Ubuntu, ...):
sudo apt update sudo apt upgrade
- For RHEL and derivatives (CentOS, Oracle, ...):
sudo yum update
- In Fedora:
sudo dnf update
- SuSE and derivatives (OpenSUSE, ...):
sudo zypper update
ArchLinux:
sudo pacman -Syu
- Slackware:
upgradepkg sudo-1.8.20p1-i586-1_slack14.2.txz
- Gentoo:
emerge --sync emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p1"