ALAS-2017-780


Amazon Linux 1 Security Advisory: ALAS-2017-780
Advisory Release Date: 2017-01-04 17:00 Pacific
Advisory Updated Date: 2017-01-04 17:00 Pacific
Severity: Medium

Issue Overview:

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system() or popen() C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw to execute arbitrary commands with elevated privileges. (CVE-2016-7032)

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges. (CVE-2016-7076)


Affected Packages:

sudo


Issue Correction:
Run yum update sudo to update your system.

New Packages:
i686:
    sudo-devel-1.8.6p3-25.23.amzn1.i686
    sudo-1.8.6p3-25.23.amzn1.i686
    sudo-debuginfo-1.8.6p3-25.23.amzn1.i686

src:
    sudo-1.8.6p3-25.23.amzn1.src

x86_64:
    sudo-devel-1.8.6p3-25.23.amzn1.x86_64
    sudo-debuginfo-1.8.6p3-25.23.amzn1.x86_64
    sudo-1.8.6p3-25.23.amzn1.x86_64