Another root privilege escalation vulnerability was discovered in the sudo program used in GNU/Linux distributions to grant super user privileges to specific users.
Sudo 1.9.5p2 was released today and it addresses two security issues. The first, CVE-2021-3156 (a.k.a. Baron Samedit), was discovered by Qualys Research Labs and could allow local users (sudoers and non-sudoers) to obtain unintended access to the root (system administrator) account.
The new Sudo root privilege escalation vulnerability comes exactly a year after Joe Vennix discovered a stack-based buffer overflow vulnerability in Sudo, which could allow an unprivileged user to obtain full root privileges.
In addition, the new release patches CVE-2021-23239, a vulnerability discovered in Sudo’s sudoedit utility, which could allow a local attacker to bypass file permissions and determine if a directory exists or not. This security flaw affected Sudo versions before 1.9.5.
The Sudo 1.9.5p2 release also adds support for setprogname emulation on systems that do not provide it, adds a missing dependency on libsudo_util in libsudo_eventlog, adds the ability to preserve a user's KRB5CCNAME environment variable when performing PAM authentication, and addresses an issue with the sudoers log server client that could lead to very high CPU usage.
Most popular GNU/Linux distributions, including Ubuntu, Debian GNU/Linux, Arch Linux, and others, have already updated their sudo packages to address the new security issues and urge all users to update their installations as soon as possible.
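A practical follow-up to the two paragraphs above is checking whether a host's sudo is at or above the fixed upstream release. The script below is an added example, not code from the article or from the Sudo project: it parses Sudo's version scheme (a dotted number with an optional `p<n>` patch level, so that 1.9.5 < 1.9.5p1 < 1.9.5p2), reads the first line of `sudo --version` (which needs no privileges), and compares against 1.9.5p2. The sample output string is constructed for the demonstration.

```python
"""Compare an installed sudo version against the 1.9.5p2 fix release.

Added example (not the article's or the Sudo project's code). Sudo version
strings look like "1.8.31", "1.9.5p1" or "1.9.5p2": a dotted numeric part
optionally followed by a "p<n>" patch level.
"""
import re
import subprocess

# Upstream release that fixes CVE-2021-3156 and CVE-2021-23239 (from the article).
FIXED_VERSION = "1.9.5p2"

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:p(\d+))?$")


def parse_version(text):
    """Turn '1.9.5p2' into a comparable tuple: ((1, 9, 5, 0), 2).

    The numeric part is zero-padded to four components so that "1.9.5" and
    "1.9.5.0" compare equal; a missing patch level counts as 0, which keeps
    1.9.5 < 1.9.5p1 < 1.9.5p2. Malformed input raises ValueError.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version: {text!r}")
    numbers = [int(part) for part in m.group(1).split(".")]
    numbers += [0] * max(0, 4 - len(numbers))
    patch = int(m.group(2)) if m.group(2) else 0
    return tuple(numbers), patch


def version_from_output(output):
    """Extract the version from `sudo --version` output.

    The first line reads 'Sudo version 1.9.5p2'; later lines describe the
    policy and I/O plugins and are ignored.
    """
    m = re.search(r"^Sudo version (\S+)", output, re.MULTILINE)
    if not m:
        raise ValueError("no 'Sudo version' line found in output")
    return m.group(1)


def is_fixed_upstream(version, fixed=FIXED_VERSION):
    """True when `version` is at or above the upstream fix release."""
    return parse_version(version) >= parse_version(fixed)


def check_installed():
    """Run `sudo --version` on this host and return (version, is_fixed).

    Returns (None, None) when sudo is not installed.
    """
    try:
        out = subprocess.run(["sudo", "--version"], capture_output=True,
                             text=True, check=True).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None, None
    version = version_from_output(out)
    return version, is_fixed_upstream(version)


if __name__ == "__main__":
    # Constructed sample output, so the parsing is shown even on hosts without sudo.
    SAMPLE = "Sudo version 1.9.5p1\nSudoers policy plugin version 1.9.5p1\n"
    v = version_from_output(SAMPLE)
    print(f"sample: {v} -> {'fixed' if is_fixed_upstream(v) else 'below fix release'}")

    installed, fixed = check_installed()
    if installed is None:
        print("sudo not found on this host")
    else:
        print(f"installed: {installed} -> {'fixed' if fixed else 'below fix release'}")
```

The upstream version number alone is not conclusive on distributions that backport security fixes without bumping the version (Debian and Ubuntu, for example, ship patched 1.8.x and 1.9.x packages). Treat a result of "below fix release" as a prompt to check the distribution's package changelog or security advisory for the two CVE identifiers rather than as a confirmed vulnerable host.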
You can also download Sudo 1.9.5p2 right now from the official website if you fancy compiling it yourself.