A Sudo Bug was found inside the Linux core command center. Following this, Threatpost reports that the bug allowed users to accept commands as root without authorization.
Sudo is the command center found within Linux. This utility lets administrators restrict or users to execute commands, including root access. This can be done within the system without requiring a profile change. The tool also allows users to perform actions within the system without requiring a profile change.
However, the vulnerability, identified as CVE-2019-14287, allows malicious parties to perform actions even without proper authorization. In fact, it enables them to bypass restrictions that prevent root access.
According to ThreatPost, Red Hat rated the vulnerability with a score of 7.8 out of 10. Joe Vennix of Apple Information Security reportedly identified and discovered the flaw.
Joe Venix from Apple Information Security discovered the bug. Threatpost explained that the flaw can be “exploited by merely specifying the user ID of the person executing commands” as “-1” or “4294967295.” This makes the system recognize the user ID as “0” which is assigned to root access.
As the utility requires no passwords for command execution given that the user is given root access, the exploitation can run successfully.
Another flaw of the tool is that the system utilizes the “ALL” keyword to pertain to all users in a user group to which the authorization will be given. This gives them the ability “to run any command as any valid user.”
ZDNet noted that “using ALL can be dangerous” as it “allows the user to run any command on the system” at any given context. The report also remarked that this gives the Suda an “inherently broken system.”
Meanwhile, ZDNet said that the vulnerability is “pretty much useless” and that it will not have a big impact if the malicious party is a Sudo user. Citing a Tweet by security expert and EURECOM assistant professor Yanick Fratantonio, the “bug thingy is being extremely overhyped” and is only relevant in very specific situations.
There is even a possibility that the average user will not encounter any issue with the utility. However, it is important to patch the bug to prevent the possibility of the issue getting bigger.
Fortunately, Linux was able to catch the vulnerability with Venix’s help. It has now created a patch that will come soon with the release of version 1.8.28.