A major security hole affecting the Linux ecosystem has been patched since last night in Sudo, an application that lets administrators grant limited root access to other users.
The vulnerability, identified as CVE-2021-3156 and better known as "Baron Samedit", was discovered by the security company Qualys two weeks ago. It was fixed last night with the release of Sudo v1.9.5p2 (update immediately).
In a simple explanation provided by the sudo team, the Baron Samedit bug can be exploited by an attacker who has gained access to a low-privilege account in order to obtain root access, even if that account is not listed in /etc/sudoers, the configuration file that controls which users are allowed to use the su or sudo commands.
For technical details, see the Qualys reference or the video below.
While two other Sudo security vulnerabilities have been uncovered in the last two years, the bug disclosed today is far more dangerous.
The previous two bugs, CVE-2019-14287 and CVE-2019-18634, were difficult to exploit because they required complex and non-standard sudo configurations.
Things are different for the bug revealed today: it affects every Sudo installation that has a sudoers file (/etc/sudoers), which is the case on most default Linux installations.
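Since the article's advice is simply "update immediately", here is an added example (not part of the article or of the Sudo project) of a POSIX shell check that compares an installed sudo version string with the fixed release 1.9.5p2 named above. The version format MAJOR.MINOR.PATCH[pN] and the "Sudo version X.Y.ZpN" first line of `sudo --version` are assumptions.

```sh
#!/bin/sh
# Added example, not from the article: compare an installed sudo version
# string against the fixed release named in the article (1.9.5p2).
# Assumed version format: MAJOR.MINOR.PATCH[pN], e.g. "1.8.31p1".

FIXED_VERSION="1.9.5p2"

# Print the four numeric parts "MAJOR MINOR PATCH P" of a sudo version;
# a missing "pN" suffix counts as p0.
sudo_version_parts() {
    base="${1%%p*}"
    case "$1" in
        *p*) p="${1##*p}" ;;
        *)   p=0 ;;
    esac
    major="${base%%.*}"
    rest="${base#*.}"
    minor="${rest%%.*}"
    patch="${rest#*.}"
    if [ "$patch" = "$rest" ]; then patch=0; fi   # no third component
    printf '%s %s %s %s\n' "$major" "$minor" "$patch" "$p"
}

# Succeed (exit 0) when version $1 is strictly older than version $2.
sudo_version_older() {
    set -- $(sudo_version_parts "$1") $(sudo_version_parts "$2")
    if   [ "$1" -ne "$5" ]; then [ "$1" -lt "$5" ]
    elif [ "$2" -ne "$6" ]; then [ "$2" -lt "$6" ]
    elif [ "$3" -ne "$7" ]; then [ "$3" -lt "$7" ]
    else                         [ "$4" -lt "$8" ]
    fi
}

# Report on the sudo found in PATH; "sudo --version" is assumed to print
# "Sudo version X.Y.ZpN" on its first line.
report_installed_sudo() {
    if ! command -v sudo >/dev/null 2>&1; then
        echo "sudo not found in PATH"
        return 0
    fi
    installed=$(sudo --version 2>/dev/null | sed -n '1s/^Sudo version //p')
    if sudo_version_older "${installed:-0.0.0}" "$FIXED_VERSION"; then
        echo "sudo $installed predates $FIXED_VERSION: check your vendor's advisory"
    else
        echo "sudo $installed is $FIXED_VERSION or newer"
    fi
}

report_installed_sudo
```

Distributions often backport the fix without adopting the upstream version number, so a version older than 1.9.5p2 means "consult the vendor advisory", not "confirmed vulnerable".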