Sudo Releases Patch for Double Free Vulnerability (CVE-2023-27320)
Recently, a vulnerability was discovered in the popular Linux utility sudo that could potentially result in the variable that stores the command being freed more than once. This is referred to as a double-free vulnerability and could lead to a system crash or even be exploited by an attacker to gain unauthorized access.
Tracked as CVE-2023-27320, the flaw exists in sudo’s per-command chroot feature, which allows users to specify an alternate root directory that sudo will change to before executing the command. The bug was caught by glibc’s double-free detection while performing some chroot-related testing. No one else has reported the bug, which leads researchers to believe that it has not been encountered in the wild.
Sudo versions 1.9.8 through 1.9.13p1 are affected by this vulnerability. However, versions of sudo prior to 1.9.8 are not affected. Sudo 1.9.8 included a fix for a memory leak in the set_cmnd_path() function, which can result in the “user_cmnd” variable being freed twice but only when processing a sudoers rule that contains a “CHROOT” setting. This does not affect the “chroot” Defaults setting. Only a per-rule “CHROOT” setting will trigger the bug.
The impact of the CVE-2023-27320 bug is relatively low, as the per-command chroot feature is not widely used. The bug can only be triggered by a user that has been granted sudo privileges using a sudoers rule that contains a “CHROOT” setting, and the rule must match the current host.
“The bug can only be triggered by a user that has been granted sudo privileges using a sudoers rule that contain a “CHROOT”
setting and the rule must match the current host. If no users have sudoers rules containing “CHROOT” there is no impact. This feature is not commonly used,” the researcher wrote.
Therefore, the workaround is to remove any rules from the sudoers file that contain a “CHROOT” setting if using an affected version of sudo.
The bug has been fixed in sudo 1.9.13p2, and users are encouraged to upgrade to this version as soon as possible. It is always essential to keep your software up-to-date, particularly when security vulnerabilities have been discovered and addressed. Updating to the latest version of sudo will ensure that your system is protected against this vulnerability and other known security issues.
