Get patching, Linux users!
A recently disclosed vulnerability (CVE-2021-3156) in the popular Linux Sudo package could allow a malicious user to gain privileged root access on affected systems. This ten-year-old vulnerability affects most Linux distributions today.
The vulnerability uses a “Heap-based Buffer Overflow” exploit to allow a specific set of commands to gain root access. The vulnerability has not been rated with a CVSSv3 score, but due to the number of systems affected worldwide, it is imperative that organizations patch as soon as possible.
The vulnerability affects all versions of Sudo prior to version Sudo-1.9.5p2. Patches for older versions have been released and/or backported for Debian, Ubuntu, RHEL, and CentOS Stream 8. Other versions of CentOS have not been patched yet.
- Ubuntu: https://ubuntu.com/security/CVE-2021-3156
- Debian: https://security-tracker.debian.org/tracker/source-package/sudo
- RHEL/CentOS Stream: https://access.redhat.com/security/cve/CVE-2021-3156
More information about the vulnerability can be found here:
- CVE-2020-5366: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5366
We are currently taking steps to mitigate this vulnerability on all internal Linux servers. If you have any questions or concerns, feel free to contact our Service Desk at support@deft.com.