ASA-201910-9 log generated external raw

[ASA-201910-9] sudo: privilege escalation
Arch Linux Security Advisory ASA-201910-9 ========================================= Severity: High Date : 2019-10-16 CVE-ID : CVE-2019-14287 Package : sudo Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1047 Summary ======= The package sudo before version 1.8.28-1 is vulnerable to privilege escalation. Resolution ========== Upgrade to 1.8.28-1. # pacman -Syu "sudo>=1.8.28-1" The problem has been fixed upstream in version 1.8.28. Workaround ========== This vulnerability only affects configurations of sudo that have a runas user list that includes an exclusion of root. The most simple example is: someuser ALL=(ALL, !root) /usr/bin/somecommand The exclusion is specified using an excalamation mark (!). In this example, the "root" user is specified by name. The root user may also be identified in other ways, such as by user id: someuser ALL=(ALL, !#0) /usr/bin/somecommand or by reference to a runas alias: Runas_Alias MYGROUP = root, adminuser someuser ALL=(ALL, !MYGROUP) /usr/bin/somecommand To ensure your sudoers configuration is not affected by this vulnerability, we recommend examining each sudoers entry that includes the `!` character in the runas specification, to ensure that the root user is not among the exclusions. These can be found in the /etc/sudoers file or files under /etc/sudoers.d. Description =========== A flaw was found in the way sudo prior to 1.8.28 implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction. Impact ====== A local attacker is able to gain root privileges when sudo is configured to have a runas user list that includes an exclusion of root. References ========== https://www.sudo.ws/alerts/minus_1_uid.html https://www.sudo.ws/repos/sudo/rev/83db8dba09e7 https://security.archlinux.org/CVE-2019-14287