Hello everyone and welcome back to another cyber security blog post. In this post I am going to be sharing one of the most recent exploits that has been found in one of the largest and most important components in Linux: sudo.
The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system, even when the sudoers configuration explicitly disallows root access.
Basically, anyone who has sudo access is able to give themselves root access. Nice one, Linux.
Since privilege separation is one of the fundamental security paradigms in Linux, administrators can configure a sudoers file to define which users can run which commands as which other users.
This vulnerability is being tracked as CVE-2019-14287 and was discovered by Joe Vennix of Apple Information Security.
This flaw can be exploited by an attacker to run commands as root just by specifying the user ID “-1” or “4294967295.”
That’s because the function which converts a user ID into its username incorrectly treats -1, or its unsigned equivalent 4294967295, as 0, which is always the user ID of the root user.
Well, that does not seem hard at all. Honestly, not sure how people did not pick up on this flaw earlier.
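To make the "-1 equals 4294967295" point concrete, here is an added example (my own illustration, not code from sudo or from the original article) that puts a naive user ID parser next to a strict one that refuses the reserved value. The function names are hypothetical and a 32-bit unsigned `uid_t`, as on Linux, is assumed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* Naive conversion (hypothetical): accepts any integer text and casts it. */
static int parse_uid_naive(const char *s, uid_t *out)
{
    char *end;
    errno = 0;
    long long v = strtoll(s, &end, 10);
    if (errno != 0 || end == s || *end != '\0')
        return -1;
    *out = (uid_t)v;            /* "-1" silently becomes 4294967295 */
    return 0;
}

/* Strict conversion (hypothetical): rejects negatives, out-of-range values
 * and (uid_t)-1, which the set*uid() calls reserve to mean "no change". */
static int parse_uid_strict(const char *s, uid_t *out)
{
    char *end;
    errno = 0;
    long long v = strtoll(s, &end, 10);
    if (errno != 0 || end == s || *end != '\0')
        return -1;
    if (v < 0 || v >= (long long)UINT32_MAX)  /* assumes 32-bit uid_t */
        return -1;
    *out = (uid_t)v;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs, as a user might pass them for a target ID. */
    const char *samples[] = { "1000", "0", "-1", "4294967295", "12abc" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        uid_t n = 0, s = 0;
        int rn = parse_uid_naive(samples[i], &n);
        int rs = parse_uid_strict(samples[i], &s);
        printf("%-11s naive=%s strict=%s\n", samples[i],
               rn == 0 ? "accepted" : "rejected",
               rs == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```

The strict parser still accepts "0", so blocking root itself remains the job of the sudoers policy check; the parser only makes sure the reserved value never reaches that check.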
The vulnerability affects all Sudo versions prior to the latest released version 1.8.28, which has been released today.
Guys, make sure you update your sudo package ASAP to prevent people exploiting this flaw on your machine.
Well, that’s about it for this blog post.