Explore top 10 tips to secure your open-source projects now. Read More
×
Sudo could be made to run commands as root if it called with
a specially crafted user ID.
Software Description:
- sudo: Provide limited super user privileges to specific users
Details:
Joe Vennix discovered that Sudo incorrectly handled
certain user IDs. An attacker could potentially exploit this
to execute arbitrary commands as the root user.
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: sudo 1.8.27-1ubuntu1.1 sudo-ldap 1.8.27-1ubuntu1.1 Ubuntu 18.04 LTS: sudo 1.8.21p2-3ubuntu1.1 sudo-ldap 1.8.21p2-3ubuntu1.1 Ubuntu 16.04 LTS: sudo 1.8.16-0ubuntu1.8 sudo-ldap 1.8.16-0ubuntu1.8 Ubuntu 14.04 ESM: sudo 1.8.9p5-1ubuntu1.5+esm2 sudo-ldap 1.8.9p5-1ubuntu1.5+esm2 Ubuntu 12.04 ESM: sudo 1.8.3p1-1ubuntu3.8 sudo-ldap 1.8.3p1-1ubuntu3.8 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4154-1
CVE-2019-14287
Get the latest Linux and open source security news straight to your inbox.