Wind River Support Network

HomeDefectsLIN7-11529
Fixed

LIN7-11529 : Security Advisory - sudo - CVE-2019-14287

Created: Oct 17, 2019    Updated: Nov 14, 2019
Resolved Date: Nov 14, 2019
Previous ID: LIN8-11624
Found In Version: 7.0.0.30
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction.

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube