CVE-2021-3156: Linux OS Sudo Security Bug

Vendor: VMware

Product: Linux

Component: Sudo

Date: 26th January 2021

Target: IT Managers, SysOps

What's new

Any user with login access to a Linux OS can exploit a buffer overflow in Sudo to gain administrative access to the system.

How does this affect me?

You are affected if you are running any of the following versions of Sudo:

  • All legacy versions from 1.8.2 to 1.8.31p2
  • All stable versions from 1.9.0 to 1.9.5p1

What do I need to do?

  • As per Qualys's instructions, to test whether your system is vulnerable, log in as a non-root user and run the command:

    sudoedit -s /

If the system is vulnerable, it will respond with an error that starts with “sudoedit:”

If the system is patched, it will respond with an error that starts with “usage:”

  • If you are vulnerable, update Sudo or your OS.
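
The two checks above can be scripted for triage across several hosts. The following shell script is an added example, not code from Qualys or from this advisory: it compares an upstream Sudo version string against the two affected ranges listed above and classifies the `sudoedit -s /` response by its prefix. The function names and the `--live` switch are assumptions made for illustration; because a version string alone does not show whether a packaged build carries the fix, the script reports the behavioural test alongside the version check.

```shell
#!/bin/sh
# Added example: triage helper for CVE-2021-3156 (function names are illustrative).

# ver_key VERSION: print a sortable integer, e.g. 1.8.31p2 -> 1008031002
ver_key() {
    base=${1%%p*}                                    # 1.8.31p2 -> 1.8.31
    case $1 in *p*) pl=${1##*p} ;; *) pl=0 ;; esac   # patch level, 0 if none
    old_ifs=$IFS; IFS=.
    set -- $base                                     # split on the dots
    IFS=$old_ifs
    printf '%d%03d%03d%03d\n' "${1:-0}" "${2:-0}" "${3:-0}" "$pl"
}

# in_affected_range VERSION: 0 = inside a listed range, 1 = outside,
# 2 = not a plain upstream version (e.g. a distro package revision)
in_affected_range() {
    case $1 in ''|*[!0-9.p]*) return 2 ;; esac
    k=$(ver_key "$1")
    { [ "$k" -ge "$(ver_key 1.8.2)" ] && [ "$k" -le "$(ver_key 1.8.31p2)" ]; } ||
    { [ "$k" -ge "$(ver_key 1.9.0)" ] && [ "$k" -le "$(ver_key 1.9.5p1)" ]; }
}

# classify_response TEXT: map the output of `sudoedit -s /` to a verdict
classify_response() {
    case $1 in
        sudoedit:*) echo vulnerable ;;
        usage:*)    echo patched ;;
        *)          echo unknown ;;   # sudoedit missing, wrapped output, etc.
    esac
}

# check_host: run both checks on this machine (as a non-root user)
check_host() {
    ver=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
    if in_affected_range "$ver"; then range='inside affected range'
    else range='outside affected range or unparsed'; fi
    out=$(sudoedit -s / 2>&1)
    echo "sudo ${ver:-?}: $range; sudoedit test: $(classify_response "$out")"
}

# Only touch the live system when asked to: sh check.sh --live
if [ "${1:-}" = "--live" ]; then check_host; fi
```
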


  • CVE-2021-3156
