sudo vulnerability was found. It was on sudoedit (
sudo -e) flaw. With it, attackers can edit arbitrary files, and therefore machines were at the risk of the pwned and having information steeled.
The official website statements:
If no users have been granted access to sudoedit there is no impact.
It is the case, for example, that
/etc/sudoers (or the target
visudo uses) has such a line:
someuser ALL=(root) sudoedit /etc/some.conf
someuser can edit another file by exploiting the flaw.
If sudo is 1.8 or greater, it is recommended to update it to the latest version (1.9.12p2) released today, on 2023-01-19.
In case that you can’t update it right now,
the official website describes there is a way to mitigate it by adding the line below to sudoers:
Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
This post is based on the tweets by my company