Buffer Overflow in Sudo - Root Privilege Escalation Vulnerability (CVE-2021-3156)

January 26, 2021

Summary

A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. The flaw can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the flaw. Researchers have developed working exploits against Ubuntu, Debian, and Fedora Linux distributions. Other UNIX-based operating systems and distributions are also likely to be exploitable. [1] [2]

Impact

Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. [2]

Vulnerable

  • Sudo versions 1.8.2 through 1.8.31p2

  • Sudo versions 1.9.0 through 1.9.5p1

Recommendations

  • Update to sudo version 1.9.5p2 or later or install a supported security patch from your operating system vendor.

  • ISO has notified the IST UNIX Team of this vulnerability and they are assessing the impact to IST-managed systems. Customers should expect patching plans to be relayed shortly. 

References