Red Hat Product Security has been made aware of a local vulnerability affecting the Linux sudo package that allows for privilege escalation. The vulnerability has been assigned CVE-2017-1000367. This issue was publicly disclosed on May 30th, 2017 and has been rated as Important.
All sudo packages shipped with Red Hat Enterprise Linux are compiled with SELinux support, and SELinux is enabled by default.
Red Hat would like to thank Qualys Security for reporting this flaw.
Successful exploitation of this vulnerability could allow a local attack to escalation privileges and potentially malicious code.
Red Hat Product Security has rated this update as having a security impact of Important.
The following Red Hat product versions are impacted:
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
Diagnose your vulnerability
All Red Hat customers running affected products are strongly recommended to update as soon as patches are available. Details about impacted packages are noted below.
Updates for Affected Products
|Red Hat Enterprise Linux 7||sudo||RHSA-2017:1382|
|Red Hat Enterprise Linux 6||sudo||RHSA-2017:1382|
|Red Hat Enterprise Linux 5 ELS*||sudo|
*An active ELS subscription is required for access to this patch.
Please contact Red Hat sales or your specific sales representative for more information if your account does not have an active ELS subscription.
An Ansible playbook is available to address this issue. The playbook will update sudo to the latest available version, and will alert you afterward if you still have a vulnerable version of sudo installed. To run the playbook, list the hosts you wish to update in the HOSTS variable:
# ansible-playbook -e HOSTS=web01,db02 cve-2017-1000367.yml
If after an update, a host is still vulnerable, the play will fail with the message "Vulnerable version still installed".