Linux SUDO Bug Lets You Run Commands as Root, Most Installs Unaffected
A researcher with Apple has found a security flaw in one of the most important Linux commands, namely the sudo command that is designed to let users execute commands “as root,” i.e. with system privileges. The vulnerability can allow users to run certain commands as root even if they are not permitted to do so.
In order to exploit the flaw, all a user has to do, is run the sudo command together with the user ID -1 or its positive equivalent 4294967295. Fortunately, the bug can only be exploited in non-standard configurations where a user is allowed to run certain commands as any user other than root. By running such a command with sudo and one of the aforementioned user IDs, the user will be able to run it as root nevertheless. Because the flaw doesn’t work in default configurations, most servers are not affected. Nevertheless, users are urged to update sudo to the latest version.