Privilege escalation in sudo (Alpine package)
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-1000368 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
sudo (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Privilege escalation
EUVDB-ID: #VU7193
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-1000368
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to improper input validation in the get_process_ttyname() function when parsing tty information from the process status file in the proc files by sudo. A local attacker can supply a specially crafted file to obtain potentially sensitive information or execute arbitrary command with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionssudo (Alpine package): 1.7.4-r0 - 1.8.27-r2
sudo (Alpine package):
CPE2.3- cpe:2.3:o:alpine:sudo_alpine_package:1.7.4-r0:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:sudo_alpine_package:1.7.4_p4-r0:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:sudo_alpine_package:1.7.9-r0:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:sudo_alpine_package::*:*:*:*:alpine_linux:*:
http://git.alpinelinux.org/aports/commit/?id=65742d1686905358cb3f4a84098986fee39b760c
http://git.alpinelinux.org/aports/commit/?id=4eb0cde945abbbc4072723fa88a36001fa50aef8
http://git.alpinelinux.org/aports/commit/?id=3646eb84251dca32277b87ee540ad7062a909687
http://git.alpinelinux.org/aports/commit/?id=ccdd2ee2ceb71d10697d939d5c79e49b2d0fbdd5
http://git.alpinelinux.org/aports/commit/?id=87cda3c142a7ab418e7a25d79f226a7470ec3867
http://git.alpinelinux.org/aports/commit/?id=e222fa626374a6093899fabfe269fcdb91199ad4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
