#VU50040 Heap-based buffer overflow

Published: 2021-02-09 | Updated: 2022-11-03

Vulnerability identifier: #VU50040

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-3156

CWE-ID: CWE-122

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Sudo
Client/Desktop applications / Software for system administration

Vendor: Sudo

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in sudo. A local user can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system with root privileges.


Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Sudo: 1.8.0 - 1.9.5p1
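The bulletin gives the affected range as 1.8.0 through 1.9.5p1 inclusive, and sudo version strings carry an optional "pN" patch suffix that a plain string comparison gets wrong (1.9.5p2 is fixed, 1.9.5p1 is not). The following shell snippet is an added example, not part of the bulletin or of the sudo project, that classifies a version string against that range and parses the first line of `sudo --version` output, which is assumed here to begin with "Sudo version"; it also assumes each version component is below 1000.

```shell
#!/bin/sh
# Added example (not from the bulletin): check a sudo version against the
# affected range stated above, 1.8.0 - 1.9.5p1 inclusive.

# Convert "A.B.C" or "A.B.CpD" into one comparable integer.
# Assumption for this example: every component is below 1000.
sudo_version_key() {
    v="$1"
    patch=0
    case "$v" in
        *p*) patch="${v##*p}"; v="${v%p*}" ;;
    esac
    # Split the dotted part; absent components default to 0.
    oldifs="$IFS"; IFS=.
    set -- $v
    IFS="$oldifs"
    major="${1:-0}"; minor="${2:-0}"; micro="${3:-0}"
    printf '%s\n' $(( ((major * 1000 + minor) * 1000 + micro) * 1000 + patch ))
}

# Return 0 when the version lies within 1.8.0 .. 1.9.5p1, 1 otherwise.
sudo_is_affected() {
    k=$(sudo_version_key "$1")
    lo=$(sudo_version_key 1.8.0)
    hi=$(sudo_version_key 1.9.5p1)
    if [ "$k" -ge "$lo" ] && [ "$k" -le "$hi" ]; then
        return 0
    fi
    return 1
}

# Extract the version from the first line of `sudo --version`
# (assumed to look like "Sudo version 1.9.5p2").
sudo_version_from_banner() {
    printf '%s\n' "$1" | sed -n '1s/^Sudo version \([0-9][0-9.]*p\{0,1\}[0-9]*\).*/\1/p'
}

# Stand-alone usage: report on the sudo binary installed on this host, if any.
if command -v sudo >/dev/null 2>&1; then
    ver=$(sudo_version_from_banner "$(sudo --version 2>/dev/null)")
    if [ -z "$ver" ]; then
        echo "could not parse sudo version banner"
    elif sudo_is_affected "$ver"; then
        echo "sudo $ver: within affected range (CVE-2021-3156); update required"
    else
        echo "sudo $ver: outside affected range"
    fi
fi
```

Running the script on a host prints one line stating whether the installed sudo falls in the affected range; the three functions can also be sourced into an inventory script that receives version banners collected from many hosts.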


CPE

External links
http://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
http://bugzilla.redhat.com/show_bug.cgi?id=1917684
http://access.redhat.com/security/cve/CVE-2021-3156
http://www.sudo.ws/alerts/unescape_overflow.html


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?