One of the great advantages of using open source software is that its code is customizable by anyone. This brings the great advantage that there are many eyes seeing the caught in search of perfecting it. And that’s what happened because thanks to Joe Vennix has discovered a vulnerability in sudo. In this post, we will explain about it and also tell you how to correct it.
Quickly and by way of introduction, I will tell you that sudo is a tool that allows you to execute commands as if you were another user. Usually the other user is the root user. That is to say with our regular user, we can execute commands as if we were root user.
This situation brings many advantages when facilitating usability in a home system, but is not widely used in business.
The detail is that a vulnerability has been discovered that grants permissions of root user to whom it should not.
In which Ubuntu versions is there a vulnerability in sudo?
For now, the vulnerability in sudo affects the following versions of Ubuntu:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Also, Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
This at server level as well as desktop operating system level. Therefore, as Ubuntu is one of the most popular distributions, it is easy to deduce that many people are affected by the vulnerability.
On the other hand, also versions 17.x, 18.x and 19.x of Linux Mint has been affected. This is because Linux Mint uses Ubuntu’s base packages for the system.
What was the problem?
/etc/sudoers file is where you find the configuration of which users may or may not use the sudo command.
However, the security breach discovered allowed any user to use commands as root. This was accomplished by modifying the file to circumvent the ban. That is, even when it was defined that a user could not execute sudo, modifying the sudoers file and setting user ID -1, this policy is circumvented.
On the other hand, it is worth mentioning that sudo is not enabled on many servers and there the consequences are less serious.
How can I solve the problem?
Fortunately, the vulnerability has been discovered and patched. Therefore, at this point it should already be available as an update through your preferred package manager.
For example, in the case of Ubuntu and Linux Mint is already available.
And so on the rest of the Linux distributions. Just upgrade. In case you do not have the new update, wait a little longer and it will surely be available.
Sudo has been compromised but there is already a solution. Upgrade now!