Buffer Overflow in Sudo - Root Privilege Escalation Vulnerability (CVE-2021-3156)

On This Page

Recent Stories

January 9, 2023

Jan 09
LastPass Security Incident

March 31, 2022

Mar 31
Vulnerability in the Spring Framework (CVE-2022-22965)

December 10, 2021

Dec 10
Critical Vulnerability in log4j (CVE-2021-44228)
News Archive
January 26, 2021
Josh Kwan

Summary

A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. The flaw can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the flaw. Researchers have developed working exploits against Ubuntu, Debian, and Fedora Linux distributions. Other UNIX-based operating systems and distributions are also likely to be exploitable. [1] [2]

Impact

Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. [2]

Vulnerable

  • Sudo versions 1.8.2 through 1.8.31p2

  • Sudo versions 1.9.0 through 1.9.5p1

Recommendations

  • Update to sudo version 1.9.5p2 or later or install a supported security patch from your operating system vendor.

  • ISO has notified the IST UNIX Team of this vulnerability and they are assessing the impact to IST-managed systems. Customers should expect patching plans to be relayed shortly. 

References