A vulnerability in sudo can elevate unprivileged users to root privileges. Credit: Pashaignatov / Getty Images Linux users should immediately patch a serious vulnerability to the sudo command that, if exploited, can allow unprivileged users gain root privileges on the host machine. Called Baron Samedit, the flaw has been “hiding in plain sight” for about 10 years, and was discovered earlier this month by researchers at Qualys and reported to sudo developers, who came up with patches Jan. 19, according to a Qualys blog. (The blog includes a video of the flaw being exploited.) A new version of sudo—sudo v1.9.5p2—has been created to patch the problem, and notifications have been posted for many Linux distros including Debian, Fedora, Gentoo, Ubuntu, and SUSE, according to Qualys. According to the common vulnerabilities and exposures (CVE) description of Baron Samedit (CVE-2021-3156), the flaw can be exploited “via ‘sudoedit -s’ and a command-line argument that ends with a single backslash character.” According to Qualys, the flaw was introduced in July 2011 and affects legacy versions from 1.8.2 to 1.8.31p2 as well as default configurations of versions from 1.9.0 to 1.9.5p1. The purpose of sudo is for adminst to administer user system privileges. For Ubuntu users, the patched sudo version appears to be related to the version of the OS you are running. The Ubuntu site shows this release-specific information for the flaw: Ubuntu 21.04 (Hirsute Hippo) Released (1.9.4p2-2ubuntu2) Ubuntu 20.10 (Groovy Gorilla) Released (1.9.1-1ubuntu1.1) Ubuntu 20.04 LTS (Focal Fossa) Released (1.8.31-1ubuntu1.2) Ubuntu 18.04 LTS (Bionic Beaver) Released (1.8.21p2-3ubuntu1.4) Ubuntu 16.04 LTS (Xenial Xerus) Released (1.8.16-0ubuntu1.10) Ubuntu 14.04 ESM (Trusty Tahr) Released (1.8.9p5-1ubuntu1.5+esm6) Use the sudo -version command to view which release you are running. Checking sudo on a 20.04 system, for example, you might see this: $ sudo —version Sudo version 1.8.31 Sudoers policy plugin version 1.8.31 Sudoers file grammar version 46 Sudoers I/O plugin version 1.8.31 Another way to determine if your systems are vulnerable is to run a command such as sudoedit -s /. If the command returns a usage statement, your system is OK. If it returns an error starting with “sudoedit”, you need the patch. Related content how-to How to examine files on Linux Linux provides very useful options for viewing file attributes, such as owners and permissions, as well as file content. By Sandra Henry Stocker Oct 24, 2024 6 mins Linux how-to 8 easy ways to reuse commands on Linux Typing the same command again and again can become tiresome. Here are a number of ways you can make repeating commands – or repeating commands but with some changes – a lot easier than you might expect. By Sandra Henry-Stocker Oct 15, 2024 5 mins Linux news SUSE Edge upgrade targets Kubernetes and Linux at the edge SUSE Edge 3.1 includes a new stack validation framework and an image builder tool that are aimed at improving the scalability and manageability of complex Kubernetes and Linux edge-computing deployments. By Sean Michael Kerner Oct 15, 2024 6 mins Edge Computing Linux Network Management Software how-to Lesser-known xargs command is a versatile time saver Boost your Linux command line options and simplify your work with xargs, a handy tool for a number of data manipulation tasks. By Sandra Henry Stocker Oct 11, 2024 6 mins Linux PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe