| Summary: | sudo new security issue CVE-2017-1000367 and CVE-2017-1000368 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, marja11, sysadmin-bugs, zombie_ryushu |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://bugs.mageia.org/show_bug.cgi?id=21077 | ||
| Whiteboard: | MGA5-64-OK advisory MGA5-32-OK | ||
| Source RPM: | sudo-1.8.18p1-1.mga5.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2017-05-31 03:41:42 CEST
RedHat, Debian, Ubuntu, and openSUSE have issued advisories for this: https://rhn.redhat.com/errata/RHSA-2017-1382.html https://www.debian.org/security/2017/dsa-3867 https://www.ubuntu.com/usn/usn-3304-1/ https://lists.opensuse.org/opensuse-updates/2017-05/msg00106.html Assigning to all packagers collectively, since there is no registered maintainer for this package. CC:
(none) =>
marja11 sudo 1.8.20p2 has been released, fixing a related issue: https://www.sudo.ws/stable.html#1.8.20p2 http://openwall.com/lists/oss-security/2017/06/02/7 The second reference notes that this does actually fix a different security issue. We may see a CVE for this soon. CVE-2017-1000368 assigned for the issue fixed in 1.8.20p2: http://openwall.com/lists/oss-security/2017/06/06/6 Summary:
sudo new security issue CVE-2017-1000367 =>
sudo new security issue CVE-2017-1000367 and CVE-2017-1000368 (In reply to David Walser from comment #5) > CVE-2017-1000368 assigned for the issue fixed in 1.8.20p2: > http://openwall.com/lists/oss-security/2017/06/06/6 Fedora has issued an advisory for this today (June 8): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VJLV6RSLKYRCGP4NKXMY4RECDUABZI4X/
David Walser
2017-06-18 23:53:50 CEST
See Also:
(none) =>
https://bugs.mageia.org/show_bug.cgi?id=21077 RedHat advisory for the second CVE from June 22: https://rhn.redhat.com/errata/RHSA-2017-1574.html Updated package uploaded for Mageia 5. Advisory: ======================== Updated sudo packages fix security vulnerability: A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. (CVE-2017-1000367) References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367 https://rhn.redhat.com/errata/RHSA-2017-1382.html ======================== Updated packages in core/updates_testing: ======================== sudo-1.8.20p2-1.mga5 sudo-devel-1.8.20p2-1.mga5 from sudo-1.8.20p2-1.mga5.src.rpm Assignee:
pkg-bugs =>
qa-bugs No poc that I could find. Just testing that sudo is working properly. On m5 x86_64 I use it in a script that runs "sudo /usr/sbin/fetchnews -n". On i586, added myself to the wheel group (logged out/in), modified /etc/sudoers to allow members of the wheel group to run all commands with a passord ... $ sudo /sbin/arping 192.168.10.11 For sudo, enter password for dave > ARPING 192.168.10.11 from 192.168.10.117 enp0s3 Unicast reply from 192.168.10.11 [1C:AF:F7:D2:22:15] 0.860ms Whiteboard:
(none) =>
MGA5-64-OK advisory MGA5-32-OK An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0207.html Status:
NEW =>
RESOLVED |