Sudo Heap-based Buffer Overflow Vulnerability

Published on 28 Jan 2021

Updated on 28 Jan 2021

Security researchers have discovered a heap-based buffer overflow vulnerability in Sudo, a Linux/Unix utility that allows users to run programs with the security privileges of another user, which by default is the root superuser.  


CVE-2021-3156 - Sudo escapes special characters when it runs a command with the -s or -i option. However, special characters are not escaped when running "sudoedit -s" or "sudoedit -i". Running sudoedit in this way with a command-line argument that ends with a single backslash character causes a heap-based buffer overflow. Successful exploitation of this vulnerability could allow a local user to obtain full root superuser privileges.


The vulnerability affects Sudo legacy versions (1.8.2 to 1.8.31p2) and all stable versions (1.9.0 to 1.9.5p1).

Users and system administrators are advised to update and install the security updates immediately.
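To find hosts that still need the update, the affected ranges above can be checked against the banner printed by `sudo -V`. The following Python script is an added example, not part of the original advisory; the function names and the sample banners are constructed for illustration.

```python
import re
import subprocess

# Affected upstream ranges from the advisory (both ends inclusive).
AFFECTED_RANGES = [("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1")]

# Sudo versions look like 1.9.5 or 1.9.5p1 (the pN suffix is the patch level).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse_version(text):
    """Extract (major, minor, micro, patchlevel) from e.g. 'Sudo version 1.9.5p1'."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(part or 0) for part in match.groups())


def is_affected(text):
    """True if the version in text falls inside a range listed in the advisory.

    Distribution packages may backport the fix without changing the upstream
    version string, so confirm a True result against the vendor's advisory.
    """
    version = parse_version(text)
    return any(parse_version(lo) <= version <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def local_sudo_banner():
    """Return the first line printed by `sudo -V`, or None if sudo is absent."""
    try:
        result = subprocess.run(["sudo", "-V"], capture_output=True, text=True)
    except FileNotFoundError:
        return None
    lines = result.stdout.splitlines()
    return lines[0] if lines else None


# Constructed sample banners, not output captured from real hosts.
SAMPLE_BANNERS = ["Sudo version 1.8.1p2", "Sudo version 1.8.31p2",
                  "Sudo version 1.9.5p1", "Sudo version 1.9.5p2"]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS + [local_sudo_banner() or "sudo not installed"]:
        try:
            print(f"{banner}: {'AFFECTED' if is_affected(banner) else 'not affected'}")
        except ValueError as exc:
            print(f"skipped: {exc}")
```
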

 

References

https://www.sudo.ws/stable.html#1.9.5p2

https://www.bleepingcomputer.com/news/security/new-linux-sudo-flaw-lets-local-users-gain-root-privileges/

https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit