Wow, that's a big one (CVE-2021-3156): escalation of privilege | Prisma/Channel

Wow, that's a big one (CVE-2021-3156): escalation of privilege in sudo ( ) through a buffer overflow. Almost everyone's affected, any local user can elevate to root.

Affected versions:
All legacy versions from 1.8.2 to 1.8.31p2
All stable versions from 1.9.0 to 1.9.5p1

To test if your system is vulnerable or not, login to the system as a non-root user.
Run command sudoedit -s /
If the system is vulnerable, it will respond with an error that starts with sudoedit:
If the system is patched, it will respond with an error that starts with usage:

More details: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Prisma/Channel

👨‍🚀 284
Technologies

All things cyber security — news, tips, discussions, and occasional humor. ⭐️ Please rate and review here: ⭐️. https://tchannels.me/c/prisma_channel. 🕊 Twitter: https://twitter.com/aprism...

Join
▲ Vote (1)

Wow, that's a big one (CVE-2021-3156): escalation of privilege | Prisma/Channel

Login