Sudo has released an advisory addressing a heap-based buffer overflow vulnerability—CVE-2021-3156—affecting sudo legacy versions 1.8.2 through 1.8.31p2 and stable versions 1.9.0 through 1.9.5p1. Sudo is a utility included in many Unix- and Linux-based operating systems that allows a user to run programs with the security privileges of another user. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to update to sudo version 1.9.5p2, refer to vendors for available patches, and review the following resources for additional information.

Sudo Advisory
Qualys Blog
CERT Coordination Center Vulnerability Note VU#794544

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

kb.cert.org/vuls/id/794544

www.sudo.ws/alerts/unescape_overflow.html

nessus 43

oraclelinux 4

rapid7blog 2

githubexploit 53

almalinux 1

f5 1

osv 4

ics 6

redhat 10

cisco 1

paloalto 1

virtuozzo 2

metasploit 1

openvas 21

centos 1

alpinelinux 1

cert 1

ibm 1

packetstorm 4

altlinux 2

photon 2

avleonov 1

redos 3

zdt 4

ubuntucve 1

ubuntu 1

attackerkb 1

suse 1

debian 3

fedora 2

cloudlinux 1

cisa_kev 1

cve 1

threatpost 2

prion 1

slackware 1

freebsd 1

amazon 2

debiancve 1

checkpoint_security 1

veracode 1

qualysblog 2

redhatcve 1

mageia 1

huawei 1

exploitdb 2

nessus

NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Vulnerability (NS-SA-2021-0032)

2021-03-10 00:00:00

EulerOS Virtualization 2.9.1 : sudo (EulerOS-SA-2021-1630)

2021-03-10 00:00:00

OracleVM 3.4 : sudo (OVMSA-2021-0003)

2021-01-29 00:00:00

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-02-05 19:30:43

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2021-02-09 07:55:47

Exploit for Off-by-one Error in Sudo Project Sudo

2021-03-19 14:06:09

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-28 02:20:24

almalinux

Important: sudo security update

2021-01-26 18:53:36

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

osv

sudo vulnerability

2021-01-27 15:01:20

CVE-2021-3156

2021-01-26 21:15:12

sudo - security update

2021-01-26 00:00:00

ics

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Exacq Technologies exacqVision

2021-04-29 12:00:00

redhat

(RHSA-2021:0218) Important: sudo security update

2021-01-26 18:53:36

(RHSA-2021:0222) Important: sudo security update

2021-01-26 18:59:36

(RHSA-2021:0226) Important: sudo security update

2021-01-26 18:56:10

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

paloalto

Informational: Impact of Sudo Vulnerability CVE-2021-3156

2021-02-10 17:00:00

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

openvas

Debian: Security Advisory (DLA-2534-1)

2021-01-27 00:00:00

Sudo Heap-Based Buffer Overflow Vulnerability (Baron Samedit) - Active Check

2021-01-27 00:00:00

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-2170)

2021-07-07 00:00:00

centos

sudo security update

2021-01-27 00:11:23

alpinelinux

CVE-2021-3156

2021-01-26 21:15:00

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

ibm

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-12 22:48:01

packetstorm

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

ROS-2-654

2021-09-08 00:00:00

zdt

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

ubuntucve

CVE-2021-3156

2021-01-26 00:00:00

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

attackerkb

CVE-2021-3156 "Baron Samedit"

2021-01-26 00:00:00

suse

Security update for sudo (important)

2021-04-23 00:00:00

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:18

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

cve

CVE-2021-3156

2021-01-26 21:15:00

threatpost

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

prion

Heap overflow

2021-01-26 21:15:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

amazon

Important: sudo

2021-01-26 00:11:00

Important: sudo

2021-01-25 23:09:00

debiancve

CVE-2021-3156

2021-01-26 21:15:00

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

huawei

Security Advisory - Sudo Privilege Escalation Vulnerability

2021-03-10 00:00:00

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

2021-02-03 00:00:00

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for CISA:765265E5BF9328E9BAF09F93A1684580