Patch Linux

Get patching, Linux users!

A recently disclosed vulnerability (CVE-2021-3156) in the popular Linux Sudo package could allow a malicious user to gain privileged root access on affected systems. This ten-year-old vulnerability affects most Linux distributions today.

The vulnerability is a heap-based buffer overflow that allows a specific set of commands to gain root access. It has not been rated with a CVSSv3 score, but because of the number of systems affected worldwide, it is imperative that organizations patch as soon as possible.

The vulnerability affects all versions of Sudo prior to version Sudo-1.9.5p2. Patches for older versions have been released and/or backported for Debian, Ubuntu, RHEL, and CentOS Stream 8. Other versions of CentOS have not been patched yet.
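As an added example (not part of the original notice), the shell functions below compare a Sudo release string against 1.9.5p2, including the `pN` patch-level suffix that a plain string or numeric comparison gets wrong. The function names and sample version strings are constructed for illustration. Because fixes were backported, a version below 1.9.5p2 on a distribution package means "confirm the vendor's patched package is installed", not proof of exposure.

```shell
# Added example: compare a sudo release string with the fixed release (1.9.5p2).
FIXED="1.9.5p2"

# Print "major minor micro patch" for X.Y.Z[pN]; a missing pN counts as 0.
# Returns 2 for anything else (beta/rc builds, empty input).
sudo_ver_fields() {
    v=${1#Sudo version }
    case "$v" in
        ''|*[!0-9.p]*) return 2 ;;
    esac
    case "$v" in
        *p*) patch=${v##*p} ;;
        *)   patch=0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- ${v%%p*}
    IFS=$old_ifs
    echo "${1:-0} ${2:-0} ${3:-0} ${patch:-0}"
}

# Exit status 0 when version $1 is strictly older than version $2.
sudo_ver_lt() {
    a=$(sudo_ver_fields "$1") || return 2
    b=$(sudo_ver_fields "$2") || return 2
    for x in $a; do
        y=${b%% *}; b=${b#* }
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1
}

# 0 = older than the fixed release, 1 = at or above it, 2 = unparseable.
sudo_needs_patch() { sudo_ver_lt "$1" "$FIXED"; }

# Constructed sample version strings, not taken from real hosts.
for v in 1.8.31 1.9.5p1 1.9.5p2 1.9.6; do
    if sudo_needs_patch "$v"; then
        echo "$v: older than $FIXED, check for a vendor backport or upgrade"
    else
        echo "$v: at or above $FIXED"
    fi
done

# On a real host, feed in the first line of `sudo -V`.
if command -v sudo >/dev/null 2>&1; then
    live=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
    if sudo_needs_patch "$live"; then echo "installed sudo $live predates $FIXED"; fi
fi
```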

More information about the vulnerability can be found here:

We are currently taking steps to mitigate this vulnerability on all internal Linux servers. If you have any questions or concerns, feel free to contact our Service Desk at support@deft.com.

Deft, a Summit company

2200 Busse Rd.
Elk Grove Village, IL 60007
+1 (312) 829-1111