A major security vulnerability has been discovered in the Linux operating system that could have left millions of devices at risk.
The flaw concerned a tweak to the Sudo utility which could allow any user to run commands as root. Ordinarily, in order to execute a Sudo (super user do) command, a user would either have to have been granted the relevant permissions, or would need to know the password for root. But in some – admittedly non-standard – configurations it is possible for users without these rights or knowledge to execute potentially dangerous commands as root.
While the consequences of this could be catastrophic, the good news is that the problem doesn't affect most Linux users.
- The best Linux distros of 2019 for beginners and advanced users
- 13 weird and wonderful niche Linux distros – try something different
- The best Linux apps of 2019: free and open source software
Although clearly an issue, in order to be vulnerable to this Sudo flaw, a system would have to be set up in a way that allows users to execute commands as any user other than root. While this scenario would imply that executing commands as root was explicitly forbidden, the flaw – which has been assigned CVE-2019-14287 – is such that it is incredibly easy to bypass the restriction.
What you should do
Exploiting the vulnerability is a simple matter of opting to run a command as user -1 or 4294967295. The addition of the parameters -u#-1 or -u#4294967295 to the Sudo command is all it takes to gain the extra privileges of root.
As explained on sudo.ws: "This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification. Log entries for commands run this way will list the target user as 4294967295 instead of root."
The flaw was discovered by Apple security researcher Joe Vennix, and has been fixed in Sudo 1.8.28. Users are encouraged to ensure that they are updated to this version; popular distributions should include the updated version of the tool in due course.
Via The Hacker News
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sofia is a tech journalist who's been writing about software, hardware and the web for nearly 20 years – but still looks as youthful as ever! After years writing for magazines, her life moved online and remains fueled by technology, music and nature.
Having written for websites and magazines since 2000, producing a wide range of reviews, guides, tutorials, brochures, newsletters and more, she continues to write for diverse audiences, from computing newbies to advanced users and business clients. Always willing to try something new, she loves sharing new discoveries with others.
Sofia lives and breathes Windows, Android, iOS, macOS and just about anything with a power button, but her particular areas of interest include security, tweaking and privacy. Her other loves include walking, music, her two Malamutes and, of course, her wife and daughter.