Skip to main content

Linux and macOS PCs hit by serious Sudo vulnerability

(Image credit: Shutterstock)

Linux and macOS systems have been hit by a nasty little bug in the Sudo utility, although the good news is it has already been patched.

Sudo is a tool that provides a specified user permissions above their normal levels, including root (administrative) access, but by leveraging this security flaw, it’s possible a low-privileged user (or malware) could get unauthorized root access, and thus potentially wreak all sorts of havoc on the host system.

An Apple security expert, Joe Vennix, discovered the bug, and it’s not the first he has pinned down. Back in October 2019, Vennix drew attention to another Sudo flaw that potentially allowed any user to run commands as root.

Memory problems

The fresh vulnerability (codenamed CVE-2019-18634) relates to Sudo incorrectly handling memory operations when the ‘pwfeedback’ option is enabled in the Sudoers configuration file, as The Hacker News reports. Essentially, when a password is requested, this security measure can be bypassed via a large input that triggers a buffer overflow.

Now, it’s often the case that pwfeedback isn’t enabled by default, but some operating system do have it active off-the-bat in Sudo – for example Linux Mint.

Further note that the buffer overflow flaw only affects Sudo versions previous to 1.8.26. Sudo has already been patched to defend against the exploit with version 1.8.31 (versions 1.8.26 onwards are safe anyway, as the result of another previous change – even though the bug is still present, it can’t actually be leveraged).

Apple also released a patch for macOS on January 28 to fix the problem, and it’s available for macOS High Sierra 10.13.6, Mojave 10.14.6, and Catalina 10.15.2.

Via Apple Insider