Patches available for Linux Sudo vulnerability

Red Hat, Debian and other Linux distributions released patches yesterday for high-severity vulnerability in sudo that could be abused by a local attacker to gain root privileges. Sudo is a program for Linux and UNIX systems that allows standard users to run specific commands as a superuser, such as adding users or performing system updates.

Researchers at Qualys found the vulnerability in sudo’ s get_process_ttyname function that allows a local attacker with sudo privileges to run commands as root or elevate privileges to root.

“ On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process’ s tty (field 7). The fields in the file are space-delimited, but it is possible for the command name (field 2) to include white space (including newline), which sudo does not account for,” the sudo advisory said. “ A user with sudo privileges can cause sudo to use a device number of the user’ s choosing by creating a symbolic link from the sudo binary to a name that contains a space, followed by a number.”

Red Hat security team has released an issue stating that if the issue is left unresolved would attacker to circumvent the controls and do more than that. The attacker has to already be on a server and grant access to commands via sudo for the vulnerability to be exploited.

Red Hat said it released fixes yesterday for Red Hat Enterprise Linux 6, as well as Red Hat Enterprise Linux 7. Other distributions such as Debian, SUSE Linux were also patched successfully.

Tag : Sudo Breach-vulnerability
FAQ
Q
How to install Intel microcode firmware on Linux using a package manager
A
Tool to transform and deploy CPU microcode update for x86/amd64 comes with Linux. The procedure to install AMD or Intel microcode firmware on Linux is as follows:

Open the terminal app
Debian/Ubuntu Linux user type: sudo apt install intel-microcode
CentOS/RHEL Linux user type: sudo yum install microcode_ctl
Q
How to apply microcode update supplied by Intel on Linux
A
For apply the microcode update supplied by Intel on Linux, use the following link as given below "https://www.cyberciti.biz/faq/install-update-intel-microcode-firmware-linux/"
Q
How to Fix the Meltdown on Suse Enterprise Linux Server 12-SP3?
A
Execute the zypper command to Fix the Meltdown on Suse Enterprise Linux Server 12-SP3,
# zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-12=1
### [ To bring your system up-to-date ] ###
# zypper patch
# reboot
Q
How to Fix the Meltdown on an Amazon Linux running on AWS
A
Just run yum command:
# yum update kernel
# reboot
Q
What is a list of affected for Linux distro from Linux sudo vulnerability?
A
The following list of affected for Linux distro from Linux sudo vulnerability Hat Enterprise Linux 5 (including clones such as CentOS/Oracle/Scientific Linux 5)
Red Hat Enterprise Linux 6 (including clones such as CentOS/Oracle/Scientific Linux 6)
Red Hat Enterprise Linux 7 (including clones such as CentOS/Oracle/Scientific Linux 7)
Debian Linux wheezy
Debian Linux Jessie
Debian Linux stretch
Debian Linux buster, sid