Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

CVE-2019-14278 – all you need to know about a recent sudo exploit

What is it exactly?

sudo allows Linux users to escalate privileges, and most often, to run programs  as root. A recent vulnerability found in sudo which might allow a hacker to bypass certain security policies. The vulnerability is registered under CVE-2019-14287 in NIST vulnerability database.

Is my product vulnerable?

The vulnerability exists in sudo project versions up to 1.8.27 (including). Moreover, the vulnerability can only be used if the following configuration is present in sudoers (usually /etc/sudoers) configuration:

 username hostname = (ALL, !root) path-to-command

What is the mitigation?

Hardenite recommends to update sudo to version 1.8.28 or higher. As a quick workaround,  Runas ALL configurations can be removed from sudoers file.

Get comprehensive security for Linux

More articles

Meet us at

Cybertech 2020

28-30.1.2020 | Tel Aviv

Hardenite - Linux OS security by design
Skip to content