Skip to main content

Decade-old vulnerability is still affecting most Linux distros

security threat
(Image credit: Shutterstock.com)

Security researchers at Qualys discovered a privilege escalation vulnerability in one of the core utilities present in all Unix-like operating systems including Linux

If exploited, the heap overflow vulnerability in the Sudo utility could allow any unprivileged user to gain root privileges.

The vulnerability, which has now been patched, has existed for almost a decade, according to a blog post by Animesh Jain, a Vulnerability Signatures Product Manager at Qualys.

Easily exploitable

The Sudo utility allows system admins to delegate limited root privileges to normal users. It’s governed by the sudoers configuration file, which lists the users who can run with elevated privileges. According to Qualys, the vulnerability allowed even normal users not listed in the sudoers files to gain super user privileges.

The vulnerability, which is being tracked as CVE-2021-3156, has been patched earlier today with the release of Sudo v1.9.5p2.

According to reports, there have been two other security flaws in the sudo utility that were disclosed over the past two years. The latest one however is considered to be the most damaging of the lot, since it wasn’t too difficult to exploit.

In fact, Qualys created three exploits based on this vulnerability and managed to obtain full root privileges on Ubuntu 20.04 (which uses Sudo 1.8.31), Debian 10 (with Sudo 1.8.27), and Fedora 33 (with Sudo 1.9.2). 

Since Sudo is used by virtually all Unix-like operating systems including the various BSDs, Jain says that other operating systems and distributions are also likely to be exploitable.

Via: ZDNet