CVE-2017-1000367: Vulnerability allows attacker to access root privileges

CVE-2017-1000367: A serious vulnerability allows’s attacker/hacker to access sudo┬ácommand that granted root permissions with a shell account.

For example: If you have a user account with local user privileges and that doesn’t execute root commands. But with this vulnerability or flaw, it allows anyone to escalate their privileges to root.

It works on SELinux enabled systems such as CentOS/RHEL and others too.

Which distro is affected by this Vulnerability:

  1. Red Hat Enterprise Linux 6 (sudo)
  2. Red Hat Enterprise Linux 7 (sudo)
  3. Red Hat Enterprise Linux Server (v. 5 ELS) (sudo)
  4. Oracle Enterprise Linux 6
  5. Oracle Enterprise Linux 7
  6. Oracle Enterprise Linux Server 5
  7. CentOS Linux 6 (sudo)
  8. CentOS Linux 7 (sudo)
  9. Debian wheezy
  10. Debian jessie
  11. Debian stretch
  12. Debian sid
  13. Ubuntu 17.04
  14. Ubuntu 16.10
  15. Ubuntu 16.04 LTS
  16. Ubuntu 14.04 LTS
  17. SUSE Linux Enterprise Software Development Kit 12-SP2
  18. SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
  19. SUSE Linux Enterprise Server 12-SP2
  20. SUSE Linux Enterprise Desktop 12-SP2
  21. OpenSuse, Slackware, and Gentoo Linux
  22. sudo 1.8.6p7 to 1.8.20

How to protect yourself from this Vulnerability?

First, make sure your sudo is updated otherwise you’re vulnerable to this exploit.

sudo -v

If your vulnerable make sure to update your distro:

$ sudo apt update
$ sudo apt upgrade

How do I patch sudo on CentOS/RHEL/Scientific/Oracle Linux server?

Run yum command:

$ sudo yum update

How do I patch sudo on Fedora Linux server?

Run dnf command:

$ sudo dnf update

How do I patch sudo on Suse/OpenSUSE Linux server?

Run zypper command:

$ sudo zypper update

How do I patch sudo on Arch Linux server?

Run pacman command:

$ sudo pacman -Syu

How do I patch sudo on Alpine Linux server?

Run apk command:

# apk update && apk upgrade

How do I patch sudo on Slackware Linux server?

Run upgradepkg command:

# upgradepkg sudo-1.8.20p1-i586-1_slack14.2.txz

How do I patch sudo on Gentoo Linux server?

Run emerge command:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p1"

 

Back to top button
Close