CVE-2021-3156-Heap-based buffer overflow in Sudo
by CIRT Team
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character:
A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user (users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to know the user’s password). Successful exploitation of this flaw could lead to privilege escalation.
The heap-based buffer overflow flaw is present in sudo legacy versions (1.8.2 to 1.8.31p2) and all stable versions (1.9.0 to 1.9.5p1) in their default configuration.
The bug has been fixed in sudo 1.9.5p2.
26 Oct 2023 - Security Advisories & Alerts