CVE-2021-3156-Heap-based buffer overflow in Sudo
by CIRT Team
DESCRIPTION
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character:
IMPACT
A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user (users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to know the user’s password). Successful exploitation of this flaw could lead to privilege escalation.
SYSTEM AFFECTED
The heap-based buffer overflow flaw is present in sudo legacy versions (1.8.2 to 1.8.31p2) and all stable versions (1.9.0 to 1.9.5p1) in their default configuration.
RECOMMENDATIONS
The bug has been fixed in sudo 1.9.5p2.
https://www.sudo.ws/stable.html#1.9.5p2
REFERENCES
https://www.sudo.ws/stable.html#1.9.5p2
https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
Recommended Posts
Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh
06 Nov 2024 - Security Advisories & Alerts