Sudo vulnerability, local user can exploit this flaw for root privilege escalation.
Linux — CVE-2021-3156
Sudo (su “do”) allows a system administrator to give users the ability to run commands as root while logging all commands and arguments.
Qualys security researchers discovered a vulnerability, mentioned that it is hiding in plain sight for nearly 10 years and millions of assets susceptible to it.
According to the researchers, the heap-based buffer overflow flaw is present in
- sudo legacy versions (1.8.2 to 1.8.31p2)
- also, all stable versions (1.9.0 to 1.9.5p1) in their default configuration.
However, Other operating systems and distributions supported by Sudo are probably also exploitable using CVE-2021-3156 exploits.
Also, the researchers have developed a technical details and instructions on how users can check if they have a vulnerable version.
They developed several exploit variants that work on:
- Ubuntu 20.04
- Debian 10
- Fedora 33
but won’t be sharing the exploit code publicly.
For the stable distribution (buster), this problem fixed in version 1.8.27-1+deb10u3. Downloadable the stable version from here.