USN-2146-1: Sudo vulnerabilities

Publication date

13 March 2014

Overview

Several security issues were fixed in Sudo.


Packages

  • sudo - Provide limited super user privileges to specific users

Details

Sebastien Macke discovered that Sudo incorrectly filtered environment
variables when the env_reset option was disabled. A local attacker could
use this issue to possibly run unintended commands by using environment
variables that were intended to be blocked. In a default Ubuntu
installation, the env_reset option is enabled by default. This issue only
affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2014-0106)
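A defender wants to know whether any sudoers file on a host turns env_reset off, since that is the configuration the first issue applied to. The following check is an added example, not part of the notice or of the sudo package; it assumes sudoers syntax where env_reset starts enabled, the last Defaults entry naming it wins, Defaults entries of any scope count (conservative), and it does not follow #include lines or backslash continuations. The two sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether a sudoers-style file
# leaves env_reset disabled, the configuration CVE-2014-0106 applied to.
# Assumptions: env_reset starts enabled, the last Defaults entry naming it
# wins, Defaults of any scope (Defaults, Defaults:user, Defaults@host, ...)
# count, and #include lines / backslash continuations are not followed.

# env_reset_state FILE  -> prints "enabled" or "disabled"
env_reset_state() (
    set -f                               # no globbing while we word-split options
    state=enabled
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                 # drop comments
        line=${line#"${line%%[![:space:]]*}"}   # drop leading whitespace
        case "$line" in
            Defaults*) ;;
            *) continue ;;
        esac
        opts=${line#Defaults}
        opts=${opts#[@:>!]*[[:space:]]}  # drop a user/host/runas/command scope
        IFS=,
        for opt in $opts; do
            opt=$(printf '%s' "$opt" | tr -d '[:space:]')
            case "$opt" in
                env_reset)  state=enabled ;;
                !env_reset) state=disabled ;;
            esac
        done
    done < "$1"
    printf '%s\n' "$state"
)

# Constructed sample sudoers fragments: the first turns env_reset off for one
# user, the second keeps the stock Ubuntu default (env_reset on).
write_samples() {
    cat > "$1" <<'EOF'
Defaults        env_reset, secure_path="/usr/sbin:/usr/bin"
Defaults:alice  !env_reset   # env_reset off -> blocked variables may pass
root    ALL=(ALL:ALL) ALL
EOF
    cat > "$2" <<'EOF'
Defaults        env_reset
Defaults        mail_badpass
EOF
}

a=$(mktemp) && b=$(mktemp) && write_samples "$a" "$b"
printf 'sample 1: %s\nsample 2: %s\n' "$(env_reset_state "$a")" "$(env_reset_state "$b")"
rm -f "$a" "$b"
```

On a real host, run `env_reset_state` over /etc/sudoers and each file in /etc/sudoers.d; "disabled" means the patched package version in the table below matters for that machine.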

It was discovered that the Sudo init script set a date in the past on
existing timestamp files instead of using epoch to invalidate them
completely. A local attacker could possibly modify the system time to
attempt to reuse timestamp files. This issue only applied to Ubuntu
12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (LP: #1223297)

Update instructions

In general, a standard system update will make all the necessary changes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release     Package      Version
13.10 saucy        sudo         1.8.6p3-0ubuntu3.1
                   sudo-ldap    1.8.6p3-0ubuntu3.1
12.10 quantal      sudo         1.8.5p2-1ubuntu1.2
                   sudo-ldap    1.8.5p2-1ubuntu1.2
12.04 precise      sudo         1.8.3p1-1ubuntu3.6
                   sudo-ldap    1.8.3p1-1ubuntu3.6
10.04 lucid        sudo         1.7.2p1-1ubuntu5.7
                   sudo-ldap    1.7.2p1-1ubuntu5.7
