[Alert] Sudo Local Privilege Escalation Vulnerability (CVE-2019-14287)

Oct 17, 2019 GMT+08:00

I. Overview

The Sudo project recently released an official alert on a local privilege escalation vulnerability (CVE-2019-14287). If Sudo is inappropriately configured, local attackers can construct special commands to bypass the restriction and execute specified commands on the server as the root user.

Sudo is a program for controlling and switching user rights in Unix-like operating systems (such as BSD, macOS, and GNU/Linux).

Reference links:

https://www.sudo.ws/alerts/minus_1_uid.html

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Affected versions:

Sudo versions earlier than 1.8.28

Secure versions:

Sudo version 1.8.28

IV. Inspection and Solutions

Inspection method:

Check whether the sudo configuration file /etc/sudoers contains entries of the form *=(ALL, *), which expose sudo to the vulnerability. The default sudo configuration file is not affected.
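
One way to automate this inspection, as an added example that is not part of the original notice or of the Sudo project. The function names and the sample sudoers text are constructed for illustration; the check reads the notice's *=(ALL, *) pattern as any Runas user list that contains ALL together with other entries, and it does not follow include directives or expand Runas_Alias definitions.

```python
import re

FIXED = (1, 8, 28)  # first fixed release named in the notice
COMMENT = re.compile(r"#(?!\d).*")  # keep "#uid" references, drop comments
RUNAS = re.compile(r"\(([^():]*)(?::[^()]*)?\)")  # (users[:groups])
SKIP = ("Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")

def is_affected_version(version: str) -> bool:
    """True if an upstream sudo version (e.g. '1.8.21p2') predates 1.8.28.
    Distribution packages may carry a backported fix under an older number."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"no version number in {version!r}")
    return tuple(int(g or 0) for g in m.groups()) < FIXED

def risky_rules(sudoers_text: str) -> list:
    """Return rules whose Runas user list holds ALL plus at least one other entry."""
    joined = re.sub(r"\\\r?\n", " ", sudoers_text)  # fold continuation lines
    hits = []
    for line in joined.splitlines():
        line = " ".join(COMMENT.sub("", line).split())
        if "=" not in line or line.startswith(SKIP):
            continue
        for m in RUNAS.finditer(line.split("=", 1)[1]):
            users = [u.strip() for u in m.group(1).split(",") if u.strip()]
            if "ALL" in users and len(users) > 1:
                hits.append(line)
                break
    return hits

# Constructed sample; on a host, pass in /etc/sudoers and any files it includes
SAMPLE = r"""
# constructed sudoers text for the example
Defaults env_reset
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
alice   web01 = (ALL, !root) /usr/bin/systemctl restart app
bob     ALL = (www-data) /usr/bin/id, \
        (ALL, !root : ALL) /usr/bin/less /var/log/app.log
"""

if __name__ == "__main__":
    print("affected version:", is_affected_version("Sudo version 1.8.27"))
    for rule in risky_rules(SAMPLE):
        print("review:", rule)
```

A host needs attention when both checks are positive: the installed version predates 1.8.28 and at least one rule is reported.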

Workarounds:

Delete the *=(ALL, *) entries from the sudo configuration file.

Rectification solution:

Sudo has released a new version that fixes the vulnerability. Affected users can download and upgrade the software to the latest version.

Upgrade by compiling from source:

https://www.sudo.ws/download.html

For package updates from Linux distributions, check the following pages:

Debian: https://www.debian.org/security/2019/dsa-4543

OpenSUSE: https://www.suse.com/security/cve/CVE-2019-14287/

Ubuntu: https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14287.html

Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1761584

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test. Default Linux instances created by HUAWEI CLOUD are not affected by this vulnerability.