[TechRadar] Linux and MacOS PCs hit by serious Sudo vulnerability. - Overclock.net - An Overclocking Community

post #1 of 19 (permalink) Old 02-04-2020, 12:22 PM - Thread Starter

Quote:
The fresh vulnerability (codenamed CVE-2019-18634) relates to Sudo incorrectly handling memory operations when the ‘pwfeedback’ option is enabled in the Sudoers configuration file, as The Hacker News reports. Essentially, when a password is requested, this security measure can be bypassed via a large input that triggers a buffer overflow.

Now, it’s often the case that pwfeedback isn’t enabled by default, but some operating systems do have it active off-the-bat in Sudo – for example Linux Mint.

Further note that the buffer overflow flaw only affects Sudo versions previous to 1.8.26. Sudo has already been patched to defend against the exploit with version 1.8.31 (versions 1.8.26 onwards are safe anyway, as the result of another previous change – even though the bug is still present, it can’t actually be leveraged).
Source: https://www.techradar.com/news/linux...-vulnerability

So if you are a *nix user, getting SUDO updated to at least 1.8.26 is a good idea, especially if you have remote or local access for non-privileged users. Mac users should get updated to the latest version as well.
NightShade00013 is offline  
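
The exposure condition described in the quoted article (a sudo older than 1.8.26 together with pwfeedback enabled in sudoers), as an added example that is not part of the original post. The function names and the sample sudoers text are constructed for illustration.

```shell
#!/bin/sh
# Added example: exposure check for CVE-2019-18634 as described in this thread.
# Function names and the sample sudoers text are constructed for illustration.

# Succeeds (0) if sudo version $1, e.g. "1.8.25p1", is older than 1.8.26.
sudo_before_1_8_26() {
    v=${1%%[!0-9.]*}                      # drop a suffix such as "p1"
    old_ifs=$IFS; IFS=.; set -- $v; IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    [ "$major" -lt 1 ] && return 0
    [ "$major" -gt 1 ] && return 1
    [ "$minor" -lt 8 ] && return 0
    [ "$minor" -gt 8 ] && return 1
    [ "$patch" -lt 26 ]
}

# Succeeds (0) if sudoers text $1 leaves pwfeedback switched on.
# Simplifications: the last Defaults entry wins, scoped entries (Defaults:user)
# count like global ones, and include directives are not followed.
pwfeedback_enabled() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*Defaults/ {
            sub(/^[ \t]*Defaults[^ \t]*[ \t]*/, "")
            n = split($0, opts, ",")
            for (i = 1; i <= n; i++) {
                gsub(/[ \t]/, "", opts[i])
                if (opts[i] == "pwfeedback")  on = 1
                if (opts[i] == "!pwfeedback") on = 0
            }
        }
        END { exit(on ? 0 : 1) }'
}

# Exposure needs both conditions: an old sudo and pwfeedback enabled.
assess() {   # $1 = sudo version string, $2 = sudoers text
    if ! pwfeedback_enabled "$2"; then
        echo "ok: pwfeedback is not enabled"
    elif sudo_before_1_8_26 "$1"; then
        echo "exposed: sudo $1 with pwfeedback enabled; update sudo"
    else
        echo "ok: pwfeedback enabled, but sudo $1 is 1.8.26 or later"
    fi
}

SAMPLE_SUDOERS='# constructed sample, not taken from a real host
Defaults env_reset
Defaults mail_badpass, pwfeedback
%wheel ALL=(ALL) ALL'

assess "1.8.21p2" "$SAMPLE_SUDOERS"
```

On a real host, pass the version from the first line of `sudo -V` and the contents of the sudoers file, which normally needs root to read.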
post #2 of 19 (permalink) Old 02-04-2020, 02:42 PM
Quote: Originally Posted by NightShade00013 View Post
Source: https://www.techradar.com/news/linux...-vulnerability

So if you are a *nix user, getting SUDO updated to at least 1.8.26 is a good idea, especially if you have remote or local access for non-privileged users. Mac users should get updated to the latest version as well.
Thanks for the heads up.


Good to hear pwfeedback isn’t (typically) enabled by default.

Almost Heathen is offline  
post #3 of 19 (permalink) Old 02-04-2020, 02:44 PM
Version 1.8.26 was released on 2018-11-13. Most people should be safe. I usually don't install sudo. I add myself to the wheel group.

Diffident is offline  
post #4 of 19 (permalink) Old 02-04-2020, 02:54 PM
Quote: Originally Posted by Diffident View Post
Version 1.8.26 was released on 2018-11-13. Most people should be safe.
Good to know, thank you.

Quote: Originally Posted by Diffident View Post
I usually don't install sudo. I add myself to the wheel group.
Very interesting, I thought sudo was (for typical usage) a necessity. That one could do without it never really crossed my mind.



So adding yourself to wheel takes care of your needs, or you login as root to complete root operations?

Almost Heathen is offline  
post #5 of 19 (permalink) Old 02-04-2020, 03:01 PM
Quote: Originally Posted by Almost Heathen View Post
Good to know, thank you.


Very interesting, I thought sudo was (for typical usage) a necessity. That one could do without it never really crossed my mind.



So adding yourself to wheel takes care of your needs, or you login as root to complete root operations?

If you're in the wheel group it allows you to open a root terminal with su. Type in su in the terminal, it asks for your password...then you have a root terminal to do whatever you need to do without entering sudo all the time.

Diffident is offline  
post #6 of 19 (permalink) Old 02-04-2020, 03:06 PM
Quote: Originally Posted by Diffident View Post
If you're in the wheel group it allows you to open a root terminal with su. Type in su in the terminal, it asks for your password...then you have a root terminal to do whatever you need to do without entering sudo all the time.
Thank you for the explanation.

Never played around with su for some reason. That works rather nicely.

Almost Heathen is offline  
post #7 of 19 (permalink) Old 02-04-2020, 03:15 PM
Quote: Originally Posted by Almost Heathen View Post
Thank you for the explanation.

Never played around with su for some reason. That works rather nicely.

I'm the opposite. Being a Gentoo user, I've always used su, it seems to be Gentoo's preferred method. I didn't even know sudo existed till I started seeing Ubuntu guides popping up with everyone using sudo.

Diffident is offline  
post #8 of 19 (permalink) Old 02-04-2020, 03:55 PM - Thread Starter
I didn't pay a lot of attention to when the release dates were. But using FreeBSD-based stuff for the most part, I tend to just add to the wheel group as well for anything that I need to do if it requires privileges.

I figure that most people should be good but I am sure someone out there has a server they neglect quite badly and is only used for minor things that could be vulnerable. Better to be safe than sorry for sure.
NightShade00013 is offline  
post #9 of 19 (permalink) Old 02-04-2020, 05:22 PM
Mint never used to provide password feedback. It's one of the new changes they made to the last update that I really don't like. But I suppose it saves on "My password won't enter!" threads on their forum... that used to be the most common panic-mode from students encountering Linux for the first time.

I do use sudo, but most of the time if I want to do something as root... I'll switch to root. That way I know I need to be careful. It's worked so far.


Paradigm Shifter is offline  
post #10 of 19 (permalink) Old 02-05-2020, 09:33 AM
It's funny how buffer overflows are the bane of passwords, it seems. I remember Windows had an issue where if you typed in a password padded with a TON of spaces at the end, it would let you through.



Mrzev is offline  