Sudo vulnerability, local user can exploit this flaw for root privilege escalation.

Linux — CVE-2021-3156

Sudo (su “do”) allows a system administrator to give users the ability to run commands as root while logging all commands and arguments.

Qualys security researchers discovered a vulnerability, mentioned that it is hiding in plain sight for nearly 10 years and millions of assets susceptible to it.

Follow Us on: Twitter, Instagram, Facebook to get latest security news!

According to the researchers, the heap-based buffer overflow flaw is present in

• sudo legacy versions (1.8.2 to 1.8.31p2)
• also, all stable versions (1.9.0 to 1.9.5p1) in their default configuration.

However, Other operating systems and distributions supported by Sudo are probably also exploitable using CVE-2021-3156 exploits.

Also, the researchers have developed a technical details and instructions on how users can check if they have a vulnerable version.

They developed several exploit variants that work on:

• Ubuntu 20.04
• Debian 10
• Fedora 33

but won’t be sharing the exploit code publicly. 

Security Recommendations:

For the stable distribution (buster), this problem fixed in version 1.8.27-1+deb10u3. Downloadable the stable version from here.

However, Patched vendor-supported version provided — Ubuntu, RedHat, Debian, Fedora, Gentoo, and others.