Buffer overflow in sudo (linux utility) - affects most distributions/versions - CVE-2021-3156
While a local user is required to exploit this vulnerability, even the account 'nobody' can exploit this vulnerability. An unprivileged user can gain root privileges on affected hosts!
Check if you are affected!
To check if you are affected, run sudoedit -s / as non-root user. If the response is sudoedit: your system is vulnerable.
The following "sudo" versions are vulnerable
* All legacy versions from 1.8.2 to 1.8.31p2
* All stable versions from 1.9.0 to 1.9.5p1
Severity: High
Additional information
https://yt.gl/sudobufferoverflow
#alert #severityHigh #vulnerability #linux #sudo
