Service Notices
[Alert] Sudo Local Privilege Escalation Vulnerability (CVE-2019-14287)
Oct 17, 2019 GMT+08:00
I. Overview
Sudo recently released an official alert on a local privilege escalation vulnerability (CVE-2019-14287). If sudo is inappropriately configured, local attackers can construct special commands to bypass the restriction and execute specified commands on the server as the root user.
Sudo is a program for controlling and switching user rights on Unix-like operating systems (such as BSD, macOS, and GNU/Linux).
Reference links:
https://www.sudo.ws/alerts/minus_1_uid.html
II. Severity
Severity: important
(Severity levels: low, moderate, important, and critical)
III. Affected Products
Affected versions:
Sudo versions earlier than 1.8.28
Secure versions:
Sudo version 1.8.28
IV. Inspection and Solutions
Inspection method:
Check whether the sudo configuration file /etc/sudoers contains an entry of the form *=(ALL, *). Such an entry exposes sudo to the vulnerability. The default sudo configuration file is not affected.
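The inspection above, together with the version check from section III, written as a script. This is an added example and not part of the original notice; the function names and the sample sudoers lines are constructed for illustration, and the scan reads one file without following includes or Runas_Alias definitions.

```shell
#!/bin/sh
# Added example (not from the notice): check a host against this advisory.
# Function names and the sample sudoers content are constructed.

# Exit 0 if VERSION (e.g. "1.8.27", "1.8.21p2") is earlier than 1.8.28.
version_is_affected() {
    v=${1%%[!0-9.]*}                      # drop a suffix such as "p2"
    old_ifs=$IFS; IFS=.; set -- $v; IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    [ "$major" -lt 1 ] && return 0
    [ "$major" -gt 1 ] && return 1
    [ "$minor" -lt 8 ] && return 0
    [ "$minor" -gt 8 ] && return 1
    [ "$patch" -lt 28 ]
}

# Print rules in FILE matching the advisory's *=(ALL, *) form: a Runas list
# that starts with ALL and is followed by further entries. Comment lines are
# skipped and backslash-continued lines are joined before matching.
# Included files and Runas_Alias definitions are not followed.
find_risky_rules() {
    awk '
        /\\$/ { sub(/\\$/, ""); buf = buf $0; next }
        { rule = buf $0; buf = "" }
        rule ~ /^[ \t]*#/ { next }
        rule ~ /=[ \t]*\([ \t]*ALL[ \t]*,/ { print FILENAME ":" FNR ": " rule }
    ' "$1"
}

# Constructed sample sudoers content (not taken from a real host).
write_sample() {
    cat > "$1" <<'EOF'
root    ALL=(ALL:ALL) ALL
%wheel  ALL=(ALL) ALL
alice   ALL=(ALL, !root) /usr/bin/vi
# bob   ALL=(ALL, !root) /usr/bin/id
carol   ALL = ( ALL , !root : ALL ) \
        /usr/bin/less
EOF
}

# Demo on the sample. On a real host, run find_risky_rules /etc/sudoers as
# root and pass the version from the first line of `sudo -V`.
sample=$(mktemp) && write_sample "$sample"
find_risky_rules "$sample"
for ver in 1.8.27 1.8.28; do
    if version_is_affected "$ver"; then echo "$ver: affected"; else echo "$ver: fixed"; fi
done
rm -f "$sample"
```

A host needs attention only when both checks fire: the installed version is earlier than 1.8.28 and at least one rule is printed.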
Workarounds:
Delete any *=(ALL, *) entries from the sudo configuration file.
Rectification solution:
Sudo has released the latest version, in which the vulnerability is fixed. Affected users can download it and upgrade.
Upgrade by compiling from source:
https://www.sudo.ws/download.html
For package updates from Linux distributions, check the following websites:
Debian: https://www.debian.org/security/2019/dsa-4543
OpenSUSE: https://www.suse.com/security/cve/CVE-2019-14287/
Ubuntu: https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14287.html
Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1761584
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test. Default Linux instances created by HUAWEI CLOUD are not affected by this vulnerability.