Colin Mc Hugo

Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug

February 10, 2021

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system.

“A local attacker may be able to elevate their privileges,” Apple said in a security advisory. “This issue was addressed by updating to sudo version 1.9.5p2.”

Sudo is a common utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.

Tracked as CVE-2021-3156 (also called “Baron Samedit”), the vulnerability first came to light last month after security auditing firm Qualys disclosed the existence of a heap-based buffer overflow, which it said had been “hiding in plain sight” for almost 10 years.


The vulnerability, which was introduced in the code back in July 2011, impacts sudo versions 1.7.7 through 1.7.10p9, 1.8.2 through 1.8.31p2, and 1.9.0 through 1.9.5p1, following which the maintainers released 1.8.32 and 1.9.5p2 to resolve the issue.

While the weakness can only be exploited by an attacker who already has access to a vulnerable host, the barrier could be easily bypassed by planting malware on a device or brute-forcing a low-privileged service account.

In its report, Qualys researchers said they managed to develop multiple variants of the exploit and obtain full root privileges on Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2).
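The affected version ranges given above can be turned into a fleet check. This is an added example, not code from Qualys, Apple or the sudo project; it assumes the first line of `sudo -V` has been collected per host, and the hostnames and inventory are constructed.

```python
import re

# Affected upstream ranges as stated in the article (inclusive on both ends).
AFFECTED = [("1.7.7", "1.7.10p9"), ("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1")]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")

def parse_version(text):
    """Return (major, minor, micro, patch) from '1.8.31p2' or a `sudo -V` line."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no sudo version found in {text!r}")
    # A release without a 'pN' suffix sorts before its p1 (1.9.5 < 1.9.5p1).
    return tuple(int(g) if g else 0 for g in m.groups())

def is_affected(version_text):
    """True if the upstream version falls inside one of the affected ranges."""
    v = parse_version(version_text)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED)

def audit(inventory):
    """Map host -> True / False / None (None = version could not be parsed)."""
    result = {}
    for host, banner in inventory.items():
        try:
            result[host] = is_affected(banner)
        except ValueError:
            result[host] = None
    return result

# Constructed sample inventory: first line of `sudo -V` per (made-up) host.
SAMPLE = {
    "ubuntu-2004": "Sudo version 1.8.31",
    "debian-10": "Sudo version 1.8.27",
    "fedora-33": "Sudo version 1.9.2",
    "mac-patched": "Sudo version 1.9.5p2",
    "legacy-box": "Sudo version 1.8.32",
    "broken-agent": "sudo: command not found",
}

if __name__ == "__main__":
    labels = {True: "AFFECTED", False: "not in range", None: "unknown"}
    for host, verdict in audit(SAMPLE).items():
        print(f"{host:14} {labels[verdict]}")
```

Distribution packages often carry backported fixes under an unchanged upstream version number, so a hit here is a prompt to check the vendor's package changelog rather than proof that the host is exploitable.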

But last week, British security researcher Matthew Hickey found that the vulnerability also extended to the latest version of macOS Big Sur 11.2.

“CVE-2021-3156 also impacts @apple MacOS Big Sur (unpatched at present), you can enable exploitation of the issue by symlinking sudo to sudoedit and then triggering the heap overflow to escalate one’s privileges to 1337 uid=0,” Hickey tweeted on February 2.

Besides the fix for the sudo vulnerability, Tuesday’s supplemental security update also includes patches for two flaws in Intel Graphics Driver (CVE-2021-1805 and CVE-2021-1806), which could cause an application to execute arbitrary code with kernel privileges.

The vulnerabilities, which stem from an out-of-bounds write and a race condition, respectively, have been rectified with additional validation, the iPhone maker said.

Mac users who haven't opted to check for updates automatically can head to Apple menu > System Preferences, and then click Software Update to download and install the latest updates.
