CVE-2021-3156: Linux OS Sudo Security Bug

Vendor: VMware

Product: Linux

Component: Sudo

Date: 26th January 2021

Target: IT Managers, SysOps

What's new

Any user with login access to a Linux OS can utilise a Buffer Overflow to gain administrative access to the system using Sudo.

How does this affect me?

  • If you are running the following version of Sudo then you are affected: -
  • All legacy versions from 1.8.2 to 1.8.31p2
  • All stable versions from 1.9.0 to 1.9.5p1

What do I need to do?

  • As per Qualys's instructions, to test if your system is vulnerable, login as a non-root user and run command: -
 sudoedit -s /

If the system is vulnerable, it will respond with an error that starts with “sudoedit:”

If the system is patched, it will respond with an error that starts with “usage:”

  • If you are vulnerable update Sudo or your OS.

References

  • CVE-2021-3156

Get in touch

Call us on 0333 000 3210 or Email us solutions@datcom.co.uk

Latest news...

The Spam Test

Scammers have become increasingly competent over the years which has made spotting malicious emails more difficult. Whilst It is still the case that the grammar and general sentence structure tend to be poor, this has reduced as foreign attackers have got more proficient and translation tools have improved.

Read More