Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug

  • Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local people to acquire root-stage privileges on the technique.

    “A regional attacker may well be in a position to elevate their privileges,” Apple explained in a security advisory. “This issue was resolved by updating to sudo edition 1.9.5p2.”

    Sudo is a frequent utility built into most Unix and Linux operating units that lets a consumer with out security privileges entry and run a system with the qualifications of yet another user.

    Tracked as CVE-2021-3156 (also termed “Baron Samedit”), the vulnerability initial came to light-weight previous thirty day period right after security auditing firm Qualys disclosed the existence of a heap-based mostly buffer overflow, which it claimed experienced been “hiding in plain sight” for virtually 10 decades.

    The vulnerability, which was introduced in the code again in July 2011, impacts sudo versions 1.7.7 through 1.7.10p9, 1.8.2 by 1.8.31p2, and 1.9. as a result of 1.9.5p1, next which the maintainers unveiled 1.8.32 and 1.9.5p2 to resolve the issue.

    Even though the weakness can only be exploited by an attacker by now acquiring obtain to a vulnerable host, the barrier could be easily bypassed by planting malware on a unit or brute-forcing a very low-privileged service account.

    In its report, Qualys researchers stated they managed to produce several variants of exploit and acquire complete root privileges on Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2).

    But very last week, British security researcher Matthew Hickey discovered that the vulnerability also prolonged to the most recent edition of macOS Massive Sur 11.2, prompting Apple to deal with the security shortcoming.

    “CVE-2021-3156 also impacts @apple MacOS Large Sur (unpatched at present), you can enable exploitation of the issue by symlinking sudo to sudoedit and then triggering the heap overflow to escalate one’s privileges to 1337 uid=,” Hickey tweeted on February 2.

    Aside from the fix for the sudo vulnerability, Tuesday’s supplemental security update also includes patches for two flaws in Intel Graphics Driver (CVE-2021-1805 and CVE-2021-1806), which could lead to an software to execute arbitrary code with kernel privileges.

    The vulnerabilities, which stem from an out-of-bounds generate and a race situation, respectively, had been rectified with additional validation, the iPhone maker stated.

    Mac people who have not opted to look at for updates quickly can head to Apple menu > Process Tastes, and then click on Application Update to obtain and put in the hottest updates.

    Identified this write-up attention-grabbing? Comply with THN on Facebook, Twitter  and LinkedIn to go through far more exclusive written content we submit.