Sudo is a powerful utility built into almost all Linux distributions, and we have bad news for you: a privilege escalation vulnerability (CVE-2021-3156) has recently been discovered in it.
The vulnerability affects all the following sudo versions:
All legacy versions from 1.8.2 to 1.8.31p2
All stable versions from 1.9.0 to 1.9.5p1
Successful exploitation allows any unprivileged user to escalate their privileges to root on the vulnerable host. Of course, since it is a privilege escalation vulnerability, an attacker first needs access to a local user account on the host in order to exploit it.
To test your host for this vulnerability, run the following command as an ordinary (non-root) user:
sudoedit -s /
If you receive the following response
usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ...
your host is safe, but if you receive something like
sudoedit: /: not a regular file
please upgrade.
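The two checks described above (the affected version ranges and the sudoedit probe) as one POSIX shell script. This is an added example, not code from the original post or from the sudo project. The function names are my own, and the script assumes that the first line of sudo --version reads "Sudo version X.Y.Z" (for example "Sudo version 1.8.31p2"). It also carries the caveat a practitioner needs: distributions such as CentOS and RHEL backport the fix without changing the upstream version number, so a version-based "vulnerable" verdict is only a prompt to run the sudoedit probe, which is the authoritative test.

```shell
#!/bin/sh
# Added example (not from the original post): two ways to tell whether a host
# is exposed to CVE-2021-3156.
#   1) Behavioural probe: classify the output of `sudoedit -s /` (the post's check).
#   2) Version check: compare `sudo --version` against the affected ranges in the post.
# Function names and the "Sudo version X.Y.Z" parsing are assumptions of this example.

# Classify the text printed by `sudoedit -s /`.
# Prints "vulnerable", "patched" or "unknown".
classify_sudoedit_output() {
    case "$1" in
        *"not a regular file"*) echo vulnerable ;;  # unpatched sudoedit accepted -s
        usage:*)                echo patched ;;     # fixed sudoedit rejects -s and prints usage
        *)                      echo unknown ;;
    esac
}

# Run the probe on this host as the current (unprivileged) user, if sudoedit is installed.
check_host_probe() {
    if ! command -v sudoedit >/dev/null 2>&1; then
        echo unknown
        return 0
    fi
    # sudoedit exits non-zero either way; "|| true" keeps `set -e` scripts alive.
    out=$(sudoedit -s / 2>&1 </dev/null || true)
    classify_sudoedit_output "$out"
}

# Turn an upstream version such as "1.8.31p2" into one integer so versions can be
# compared numerically: major*10^9 + minor*10^6 + patch*10^3 + p-level (0 if absent).
version_key() {
    v=$1
    base=${v%%p*}
    p=0
    case "$v" in *p*) p=${v##*p} ;; esac
    major=${base%%.*}
    rest=${base#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    if [ "$patch" = "$rest" ]; then patch=0; fi   # "1.8" has no third component
    echo $(( major * 1000000000 + minor * 1000000 + patch * 1000 + p ))
}

# Return 0 if the given upstream version lies inside the affected ranges from the post,
# 1.8.2 .. 1.8.31p2 and 1.9.0 .. 1.9.5p1; return 1 otherwise.
sudo_version_vulnerable() {
    k=$(version_key "$1")
    if [ "$k" -ge "$(version_key 1.8.2)" ] && [ "$k" -le "$(version_key 1.8.31p2)" ]; then
        return 0
    fi
    if [ "$k" -ge "$(version_key 1.9.0)" ] && [ "$k" -le "$(version_key 1.9.5p1)" ]; then
        return 0
    fi
    return 1
}

# Read the installed version ("Sudo version 1.8.31p2" on the first line) and classify it.
# Caveat: distributions often backport the fix without bumping the upstream version,
# so "vulnerable" here means "confirm with the sudoedit probe", not "exploitable".
check_host_version() {
    if ! command -v sudo >/dev/null 2>&1; then
        echo unknown
        return 0
    fi
    ver=$(sudo --version 2>/dev/null | sed -n '1s/^Sudo version //p')
    if [ -z "$ver" ]; then
        echo unknown
    elif sudo_version_vulnerable "$ver"; then
        echo "vulnerable ($ver, verify with the sudoedit probe)"
    else
        echo "patched ($ver)"
    fi
}

# Stand-alone use: `sh check-sudo.sh --run` prints both verdicts for this host.
if [ "${1:-}" = "--run" ]; then
    echo "sudoedit probe:  $(check_host_probe)"
    echo "version check:   $(check_host_version)"
fi
```

The version comparison is only there to triage a fleet quickly from inventory data; on any host where it says "vulnerable", the sudoedit probe decides, because a backported package (CentOS 7 still reports 1.8.23 after the fix) would otherwise show up as a false positive.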
For CentOS 7 and CentOS 8 this is not a problem (yum -y update sudo), but if you are using CentOS 6 there is no way to upgrade from the official mirrors, since CentOS 6 is EOL.
You can download the rpm files from HERE (https://www.sudo.ws/download.html#binary)
Or directly
https://github.com/sudo-project/sudo/releases/download/SUDO_1_9_5p2/sudo-1.9.5-3.el6.x86_64.rpm
https://github.com/sudo-project/sudo/releases/download/SUDO_1_9_5p2/sudo-logsrvd-1.9.5-3.el6.x86_64.rpm
Then install the rpms with
rpm -U sudo-1.9.5-3.el6.x86_64.rpm
rpm -U sudo-logsrvd-1.9.5-3.el6.x86_64.rpm