CVE-2017-1000367: A serious vulnerability allows’s attacker/hacker to access sudo command that granted root permissions with a shell account.
For example: If you have a user account with local user privileges and that doesn’t execute root commands. But with this vulnerability or flaw, it allows anyone to escalate their privileges to root.
It works on SELinux enabled systems such as CentOS/RHEL and others too.
Which distro is affected by this Vulnerability:
- Red Hat Enterprise Linux 6 (sudo)
- Red Hat Enterprise Linux 7 (sudo)
- Red Hat Enterprise Linux Server (v. 5 ELS) (sudo)
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 7
- Oracle Enterprise Linux Server 5
- CentOS Linux 6 (sudo)
- CentOS Linux 7 (sudo)
- Debian wheezy
- Debian jessie
- Debian stretch
- Debian sid
- Ubuntu 17.04
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- SUSE Linux Enterprise Software Development Kit 12-SP2
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
- SUSE Linux Enterprise Server 12-SP2
- SUSE Linux Enterprise Desktop 12-SP2
- OpenSuse, Slackware, and Gentoo Linux
- sudo 1.8.6p7 to 1.8.20
How to protect yourself from this Vulnerability?
First, make sure your sudo is updated otherwise you’re vulnerable to this exploit.
sudo -v
If your vulnerable make sure to update your distro:
$ sudo apt update $ sudo apt upgrade
How do I patch sudo on CentOS/RHEL/Scientific/Oracle Linux server?
Run yum command:
$ sudo yum update
How do I patch sudo on Fedora Linux server?
Run dnf command:
$ sudo dnf update
How do I patch sudo on Suse/OpenSUSE Linux server?
Run zypper command:
$ sudo zypper update
How do I patch sudo on Arch Linux server?
Run pacman command:
$ sudo pacman -Syu
How do I patch sudo on Alpine Linux server?
Run apk command:
# apk update && apk upgrade
How do I patch sudo on Slackware Linux server?
Run upgradepkg command:
# upgradepkg sudo-1.8.20p1-i586-1_slack14.2.txz
How do I patch sudo on Gentoo Linux server?
Run emerge command:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p1"