An Apple security researcher has discovered a vulnerability in the Linux sudo command – the main command that allows users to run tasks – that could allow unprivileged users to execute commands as root.
Before you panic, it’s important to point out that the vulnerability, known as CVE-2019-14287, only works in non-standard configurations, which means that – thankfully – most Linux servers are unaffected. For the powerful bug to take effect, a user must have been given access to a command via the sudoers configuration file, which isn’t normally done by default.
The sudo utility was created to avoid the need to log out of one account and into another when elevated privileges are required. Using sudo, a user with permission to use the utility can execute a command in the context of another user, but the latest vulnerability grants root-user access to those who have never received such permission.
The vulnerability allows users to bypass the restriction by simply using -u#-1 or -u#4294967295 in the command line, after which they can execute arbitrary commands as root on a targeted Linux system, even when root access is explicitly disallowed.
The good news is that the vulnerability has been patched in sudo version 1.8.28, meaning an upgrade should be your next step to stay safe!
Concerned about vulnerabilities? Get dedicated UKFast support.