Joined: 12 May 2004
|Posted: Mon Jul 10, 2017 9:26 pm Post subject: [ GLSA 201705-15 ] sudo
|Gentoo Linux Security Advisory
Title: sudo: Privilege escalation (GLSA 201705-15)
A vulnerability in sudo allows local users to gain root privileges.
sudo (su “do”) allows a system administrator to delegate authority
to give certain users (or groups of users) the ability to run some (or
all) commands as root or another user while providing an audit trail of
the commands and their arguments.
Vulnerable: < 1.8.20_p1
Unaffected: >= 1.8.20_p1
Architectures: All supported architectures
Qualys discovered a vulnerability in sudo’s get_process_ttyname() for
Linux, that via sudo_ttyname_scan() can be directed to use a
user-controlled, arbitrary tty device during its traversal of “/dev”
by utilizing the world-writable /dev/shm.
A local attacker can pretend that his tty is any character device on the
filesystem, and after two race conditions, an attacker can pretend that
the controlled tty is any file on the filesystem allowing for privilege
There is no known workaround at this time.
All sudo users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p1"