CVE-2021-3156: Linux OS Sudo Security Bug

Vendor: VMware

Product: Linux

Component: Sudo

Date: 26th January 2021

Target: IT Managers, SysOps

What's new

Any user with login access to a Linux OS can utilise a Buffer Overflow to gain administrative access to the system using Sudo.

How does this affect me?

  • If you are running the following version of Sudo then you are affected: -
  • All legacy versions from 1.8.2 to 1.8.31p2
  • All stable versions from 1.9.0 to 1.9.5p1

What do I need to do?

  • As per Qualys's instructions, to test if your system is vulnerable, login as a non-root user and run command: -
 sudoedit -s /

If the system is vulnerable, it will respond with an error that starts with “sudoedit:”

If the system is patched, it will respond with an error that starts with “usage:”

  • If you are vulnerable update Sudo or your OS.

References

  • CVE-2021-3156

Get in touch

Call us on 0333 000 3210 or Email us solutions@datcom.co.uk

Latest news...