sudo vulnerability: patch your systems

Attention masternode and systemnode operators, anyone running a linux wallet

walkjivefly
Oct 16 · 1 min read

Details were published yesterday about a nasty little bug in sudo which could allow any user in the sudo group to achieve full root access.

Are you affected?

Probably, if you’re running any version of sudo earlier than 1.8.28

How can you tell?

Try this:

sudo -u#-1 /bin/sh

or this:

sudo -u#4294967295 /bin/sh

If you don’t get an error message then you need to apply a patch.

What should you do?

Hopefully your distro provider has already released a patch. Run your usual system update tool and retry the test above. If you don’t get an error then you need to contact your distro provider and ask them to provide a patch.

Crown Platform

Crown is a digital token and blockchain platform enabling independence serving individuals & businesses. We are focused on legal compliance and transparency utilizing our decentralized governance model.

walkjivefly

Written by

Crown Platform

Crown is a digital token and blockchain platform enabling independence serving individuals & businesses. We are focused on legal compliance and transparency utilizing our decentralized governance model.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade