Synology-SA-17:19 sudo

Publish Time: 2017-06-01 00:00:00 UTC+8

Last Updated: 2021-04-12 15:32:58 UTC+8

Severity: Low

Status: Resolved

Abstract

CVE-2017-1000367 allows local authenticated users with privileges to execute commands via sudo to overwrite arbitrary files and obtain full root privileges.

This vulnerability lowly impacts DSM because only the authenticated users in the sudoer list by default are able to switch to root in DSM.

Severity

Impact: Low

Affected

Products
- DSM 6.1
- DSM 6.0
Models
- All Synology models

Description

A vulnerability was revealed in ttyname.c in sudo versions 1.8.6p7 through 1.8.20 due to the incorrectly parsed tty information from the process status file, which allows local users configured in sudoers to overwrite arbitrary files via a crafted symlink and race condition.

Update Availability

To fix the security issue, please update DSM 6.2 to 6.2-22259 or above.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367
https://www.sudo.ws/alerts/linux_tty.html
http://www.openwall.com/lists/oss-security/2017/05/30/16