Skip to main content

Sudo bug could give an attacker root access to a Mac

A Sudo bug found in the Linux and BSD operating systems has now been found to also be present in macOS. The news was confirmed by two security researchers.

The bug could allow an ordinary user to gain root access to a Mac, though an attacker would also need to combine with malware or a brute-force attack to gain user access in the first place …

Background

Sudo is an app that allows users to do things that would normally require root access. Here’s how opensource.com describes it.

Sudo allows a system administrator to delegate authority by giving certain users the ability to run some commands as root or another user while providing an audit trail of the commands and their arguments.”

By default, sudo comes with a simple configuration, a single rule allowing a user or a group of users to do practically anything.

The bug was first discovered in Linux and BSD last month. Alarmingly, they discovered it had been present for 10 years.

Sudo bug also present in Macs

The researchers who discovered it said that at the time that it was “likely to be exploitable” in other Unix-based operating systems, and ZDNet reports that it has now been found within macOS.

A British security researcher has discovered today that a recent security flaw in the Sudo app also impacts the macOS operating system, and not just Linux and BSD, as initially believed.

The vulnerability, disclosed last week as CVE-2021-3156 (aka Baron Samedit) by security researchers from Qualys, impacts Sudo, an app that allows admins to delegate limited root access to other users. Qualys researchers discovered that they could trigger a “heap overflow” bug in the Sudo app to change the current user’s low-privileged access to root-level commands, granting the attacker access to the whole system […]

But as Matthew Hickey, the co-founder of Hacker House, pointed out on Twitter today, the recent version of macOS also ships with the Sudo app. Hickey said he tested the CVE-2021-3156 vulnerability and found that with a few modifications, the security bug could be used to grant attackers access to macOS root accounts as well […]

His findings were also privately and independently verified and confirmed to ZDNet by Patrick Wardle, one of today’s leading macOS security experts, and publicly by Will Dormann, a vulnerability analyst at the Carnegie Mellon University’s CERT Coordination Center.

Normally there would be no public disclosure of this type of vulnerability until Apple had been given the opportunity to fix it, but in this case it had already been speculated that the issue was present in macOS, so the bad guys have already been looking for it. Hickey notified Apple today, and it is likely that it will be fixed in a security update before long.

Photo by Courtney Corlew on Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications