Nasty Linux, macOS sudo bug found and fixed

A vulnerability has been discovered in ‘Sudo,’ a powerful utility used in the Linux and macOS Terminal, one that could allow for users with restrictive privileges or malicious software to be able to run commands with administrative-level privileges, which could result in the loss or theft of user data in unpatched Macs. According to sudo developer Todd C. Miller, the bug can be observed “by passing a large input to sudo via a pipe when it prompts for a password.” As the attacker has “complete control of the data used to overflow the buffer,” this means there is a “high likelihood of exploitability.”

[Source: AppleInsider/ZDNet]

The post Nasty Linux, macOS sudo bug found and fixed appeared first on Linux.com.



source https://www.linux.com/news/linux-bug/

Post a Comment

0 Comments