PT-2021-1695 · Sudo+8 · Sudo+8
Published
2020-04-28
·
Updated
2026-06-05
·
CVE-2021-3156
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sudo versions prior to 1.9.5p2
Sudo versions 1.8.2 through 1.8.31p2
Sudo versions 1.9.0 through 1.9.5p1
Description
The issue is related to a heap-based buffer overflow in the sudo utility, which can be exploited to escalate privileges to root. This can be achieved via "sudoedit -s" and a command-line argument that ends with a single backslash character. The vulnerability allows an unprivileged user to gain root privileges on affected hosts. It is mentioned that even the account 'nobody' can exploit this vulnerability. The estimated number of potentially affected devices is not specified. There are reports of real-world incidents where this issue was exploited.
Technical details about exploitation include:
- API Endpoints: Not specified
- Vulnerable Parameters or Variables: A command-line argument that ends with a single backslash character
- Function Names: The
parse args()function is mentioned in relation to the vulnerability
Recommendations
For Sudo versions prior to 1.9.5p2: Update to version 1.9.5p2 or later to resolve the issue.
For Sudo versions 1.8.2 through 1.8.31p2: Update to version 1.9.5p2 or later to resolve the issue.
For Sudo versions 1.9.0 through 1.9.5p1: Update to version 1.9.5p2 or later to resolve the issue.
As a temporary workaround, consider restricting the use of the
sudoedit -s command until a patch is available.Exploit
Fix
DoS
LPE
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Centos
Huawei Vrp
Linuxmint
Apple Macos
Red Hat
Sudo
Suse
Ubuntu