A vulnerability has been discovered in Sudo's get_process_ttyname() on Linux. This function opens "/proc/[pid]/stat" (see man proc) and reads the device number of the process's tty from field 7 (tty_nr). Unfortunately, these fields are space-separated, and field 2 (comm, the filename of the command) can itself contain spaces, so a command name containing spaces shifts the field positions and the wrong value is read as tty_nr (CVE-2017-1000367).
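The parsing problem described above, shown as an added example (not sudo's own code): the naive parser splits on spaces and takes field 7, while the robust one skips past the last ')' that closes the comm field before counting. The stat lines are constructed samples, not real /proc output, and the comm value "a b" is an assumed command name containing a space.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Naive parse: split the whole line on spaces and take field 7 (tty_nr).
 * This is the flawed approach the text describes. Returns -1 on failure. */
long tty_nr_naive(const char *stat_line)
{
    char buf[512];
    strncpy(buf, stat_line, sizeof(buf) - 1);
    buf[sizeof(buf) - 1] = '\0';
    int field = 0;
    for (char *tok = strtok(buf, " "); tok != NULL; tok = strtok(NULL, " ")) {
        if (++field == 7)
            return strtol(tok, NULL, 10);
    }
    return -1;
}

/* Robust parse: comm is the only field that may contain spaces and the only
 * parenthesised field, so start after the LAST ')' and count from field 3. */
long tty_nr_robust(const char *stat_line)
{
    const char *p = strrchr(stat_line, ')');
    if (p == NULL)
        return -1;
    char buf[512];
    strncpy(buf, p + 1, sizeof(buf) - 1);
    buf[sizeof(buf) - 1] = '\0';
    int field = 2;  /* the first token after ')' is field 3 (state) */
    for (char *tok = strtok(buf, " "); tok != NULL; tok = strtok(NULL, " ")) {
        if (++field == 7)
            return strtol(tok, NULL, 10);
    }
    return -1;
}

/* Constructed sample lines: pid (comm) state ppid pgrp session tty_nr ...
 * tty_nr 34816 encodes major 136, minor 0, i.e. /dev/pts/0. */
static const char *normal_stat = "1234 (bash) S 1 2222 3333 34816 1234 4194304 0";
static const char *spaced_stat = "1234 (a b) S 1 2222 3333 34816 1234 4194304 0";

int main(void)
{
    printf("naive : normal=%ld spaced=%ld\n", tty_nr_naive(normal_stat), tty_nr_naive(spaced_stat));
    printf("robust: normal=%ld spaced=%ld\n", tty_nr_robust(normal_stat), tty_nr_robust(spaced_stat));
    return 0;
}
```

With the spaced comm the naive parser returns the session id (3333) instead of the tty device number, while the robust parser returns 34816 for both lines.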
How to Fix?
This vulnerability affects most Linux operating systems. You are recommended to update the sudo package immediately on your Linux system to fix this vulnerability.
Debian Based Systems:
$ sudo apt update
$ sudo apt install sudo

Redhat Based Systems:
$ sudo yum install sudo

Fedora 22+ Systems:
$ sudo dnf install sudo
References: For more details about the CVE-2017-1000367 vulnerability, visit the following.
https://www.sudo.ws/alerts/linux_tty.html
http://www.openwall.com/lists/oss-security/2017/05/30/16
https://access.redhat.com/security/vulnerabilities/3059071