The bug could allow an ordinary user to gain root access to a Mac, though an attacker would also need to combine it with malware or a brute-force attack to gain user access in the first place …
Sudo is an app that allows users to do things that would normally require root access. Here’s how opensource.com describes it.
“Sudo allows a system administrator to delegate authority by giving certain users the ability to run some commands as root or another user while providing an audit trail of the commands and their arguments.”
By default, sudo comes with a simple configuration, a single rule allowing a user or a group of users to do practically anything.
The bug was first discovered in Linux and BSD last month. Alarmingly, the researchers found it had been present for 10 years.
Sudo bug also present in Macs
The researchers who discovered it said at the time that it was “likely to be exploitable” in other Unix-based operating systems, and ZDNet reports that it has now been found within macOS.
A British security researcher has discovered today that a recent security flaw in the Sudo app also impacts the macOS operating system, and not just Linux and BSD, as initially believed.
The vulnerability, disclosed last week as CVE-2021-3156 (aka Baron Samedit) by security researchers from Qualys, impacts Sudo, an app that allows admins to delegate limited root access to other users. Qualys researchers discovered that they could trigger a “heap overflow” bug in the Sudo app to change the current user’s low-privileged access to root-level commands, granting the attacker access to the whole system […]
But as Matthew Hickey, the co-founder of Hacker House, pointed out on Twitter today, the recent version of macOS also ships with the Sudo app. Hickey said he tested the CVE-2021-3156 vulnerability and found that with a few modifications, the security bug could be used to grant attackers access to macOS root accounts as well […]
His findings were also privately and independently verified and confirmed to ZDNet by Patrick Wardle, one of today’s leading macOS security experts, and publicly by Will Dormann, a vulnerability analyst at the Carnegie Mellon University’s CERT Coordination Center.
Normally there would be no public disclosure of this type of vulnerability until Apple had been given the opportunity to fix it, but in this case it had already been speculated that the issue was present in macOS, so the bad guys have already been looking for it. Hickey notified Apple today, and it is likely that it will be fixed in a security update before long.