Resolution for CVE-2017-1000367(sudo: Privilege escalation in via improper get_process_ttyname() parsing) in Red Hat Enterprise Linux?
Issue
- A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. (CVE-2017-1000367)
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux Server (v. 5 ELS)
- sudo
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.