I had a busy day at work today, writing for my current employer about something my previous employer discovered. Qualys discovered a buffer overflow condition in sudo that, well, basically makes all your users root. I joked with one of my coworkers that Qualys could have used this to solve all its permissions problems when scanning Linux and Unix instead of disclosing this, but they did the right thing.
Most any Linux distro released between 2011 and 2020 has this flaw. So, run yum update or apt-get update to clean up those old sudos. Because we all know giving all your users root isn’t a good idea.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.