Linux Sudo ‘/src/ttyname.c’ Local Privilege Escalation Vulnerability (CVE-2017-1000367)
by CIRT Team
Description: When determining tty, Sudo does not correctly parse the contents of /proc/[pid]/ stat, local attackers may use this method to overwrite any file on the file system, bypassing expected permissions or getting the root shell.
Impact: Local attackers could exploit this issue to run arbitrary commands with root privileges. Sudo versions 1.8.6p7 through 1.8.20 are vulnerable.
Mitigation: Updates are available. Please see the references for more information.
Reference URL’s:
- http://www.securityfocus.com/bid/98745/info
- http://www.openwall.com/lists/oss-security/2017/05/30/16
- https://www.sudo.ws/alerts/linux_tty.html
- https://access.redhat.com/security/cve/cve-2017-1000367
- https://security-tracker.debian.org/tracker/CVE-2017-1000367
- https://www.suse.com/security/cve/CVE-2017-1000367/
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
