Debian Security Update DSA-3867 sudo - security update

Thread starter LinuxBot
Start date May 31, 2017

LinuxBot

Member

May 31, 2017

The Qualys Security team discovered that sudo, a program designed to provide limited super user privileges to specific users, does not properly parse "/proc/[pid]/stat" to read the device number of the tty from field 7 (tty_nr). A sudoers user can take advantage of this flaw on an SELinux-enabled system to obtain full root privileges.

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Members online

Total: 1,008 (members: 3, guests: 1,005)

Latest posts

Impartiality Of Distro Choices Advocated At This Site
- Latest: atanere
- 17 minutes ago
Forum Assistance
M
Lenovo Legion 7i Gen8 Kernel NULL pointer dereference
- Latest: mburge
- 32 minutes ago
Laptops / Netbooks
K
Basic Security
- Latest: KGIII
- 34 minutes ago
Linux Advanced Tutorials
USB ports issue - really slow
- Latest: dos2unix
- Today at 4:43 PM
General Computing
K
Bind a homemade char driver with an existing device
- Latest: krystalkarma06
- Today at 3:18 PM
Linux Hardware

Top