Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Sudo Heap-based Buffer Overflow Vulnerability
Alerts

Sudo Heap-based Buffer Overflow Vulnerability

28 January 2021

Security researchers have discovered a heap-based buffer overflow vulnerability in Sudo, a Linux/Unix utility that allows users to run programs with the security privileges of another user, which by default is the root superuser.  


CVE-2021-3156 - Sudo is able to escape special characters when running a command with the -s or -i option. However, special characters are not escaped when running "sudoedit -s" or "sudoedit -i". Executing it with a command-line argument that ends with a single backslash character causes a heap-based buffer overflow. Successful exploitation of this vulnerability could allow a local user to obtain full root superuser privileges.  


The vulnerability affects Sudo legacy versions (1.8.2 to 1.8.31p2) and all stable versions (1.9.0 to 1.9.5p1)

Users and system administrators are advised to update and install the security updates immediately.

References

https://www.sudo.ws/stable.html#1.9.5p2

https://www.bleepingcomputer.com/news/security/new-linux-sudo-flaw-lets-local-users-gain-root-privileges/

https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit


Back to top