Linux: Sudo

Several Linux distributions have released an update to fix a vulnerability in Sudo, a default Linux app behind the "sudo" command, which could allow a malicious actor to gain root privileges. The vulnerability, CVE-2017-1000367, was discovered by security researchers from Qualys who published an advisory demonstrating their proof-of-concept exploit. Sudo versions between 1.8.6p7 and 1.8.20 are affected. The vulnerability was fixed in Sudo 1.8.20p1. Red HatSUSEDebian, and Ubuntu released security updates to patch the vulnerability. The NJCCIC recommends that users and administrators apply the appropriate patch as soon as possible.