Skip to content
Home » security » A Linux sudo bug

A Linux sudo bug

I had a busy day at work today, writing for my current employer about something my previous employer discovered. Qualys discovered a buffer overflow condition in sudo that, well, basically makes all your users root. I joked with one of my coworkers that Qualys could have used this to solve all its permissions problems when scanning Linux and Unix instead of disclosing this, but they did the right thing.

Most any Linux distro released between 2011 and 2020 has this flaw. So, run yum update or apt-get update to clean up those old sudos. Because we all know giving all your users root isn’t a good idea.

%d bloggers like this: