Heap-based buffer overflow in SUDO (CVE-2021-3156)
What is Sudo?
Sudo is a powerful utility found in most, if not all, Unix and Linux-based operating systems. It allows users to run programs with another user’s security privileges.
Security Bug
The Qualys Research Team discovered a heap-based buffer overflow vulnerability in sudo, an almost ubiquitous utility available on major Unix-like operating systems. The vulnerability has been present for nearly 10 years, since July 2011 (commit 8255ed69), and affects versions 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configurations.
This vulnerability in sudo (CVE-2021-3156) could allow unprivileged local users to gain root privileges (without authentication) on a vulnerable host. The attacker can do this even if they are not listed in the /etc/sudoers configuration file, which holds the list of users allowed to access su or sudo commands.
Security
If you are a sudo user, check your system and apply security hardening in time.
To do this, you can use these commands:
sudo apt-get update
sudo apt-get upgrade
Vulnerability Audit
1. Log into the system as a non-root user.
2. Enter the sudo -V command.
Learn the sudo version information with this argument.
3. Enter the sudoedit -s / command.
A vulnerable version asks for a password or gives an error message like this: not a regular file
A patched version will simply show a usage statement or, if the sudoers plugin is patched but the sudo front end is not, it will give an error message like this: invalid mode flags from sudo front end: 0x20002
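The audit steps above can be interpreted mechanically. The following shell sketch is an added example, not code from the original article or from the sudo project; the function names are hypothetical and the sample outputs are constructed, with only the quoted error strings and version ranges taken from the text.

```shell
#!/bin/sh
# Added example: interpret audit steps 2 and 3. Function names are hypothetical.

# "1.8.31p2" -> comparable integer built from major, minor, patch and p-level.
ver_key() (
    case $1 in ''|*[!0-9.p]*) exit 1 ;; esac    # reject beta/rc or junk strings
    base=${1%%p*}; plevel=0
    case $1 in *p*) plevel=${1##*p} ;; esac
    IFS=.; set -- $base                         # split "1.8.31" on dots (subshell only)
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 10000 + ${3:-0} * 100 + ${plevel:-0} ))
)

# Step 2: pull the version out of `sudo -V` output (first line: "Sudo version X").
parse_sudo_version() {
    printf '%s\n' "$1" | sed -n 's/^Sudo version \([0-9][0-9.p]*\).*/\1/p' | head -n 1
}

# True when the version lies in the ranges the article lists as affected:
# 1.8.2 to 1.8.31p2, and 1.9.0 to 1.9.5p1.
version_in_affected_range() {
    k=$(ver_key "$1") || return 2
    { [ "$k" -ge "$(ver_key 1.8.2)" ] && [ "$k" -le "$(ver_key 1.8.31p2)" ]; } ||
    { [ "$k" -ge "$(ver_key 1.9.0)" ] && [ "$k" -le "$(ver_key 1.9.5p1)" ]; }
}

# Step 3: classify the captured output of `sudoedit -s /`.
classify_sudoedit_output() {
    case $1 in
        *"invalid mode flags from sudo front end"*) echo partially-patched ;;
        *"not a regular file"*)                     echo vulnerable ;;
        *usage:*)                                   echo patched ;;
        *[Pp]assword*)                              echo vulnerable ;;
        *)                                          echo unknown ;;
    esac
}

# Constructed sample: version banner and sudoedit output from one host.
banner='Sudo version 1.8.31
Sudoers policy plugin version 1.8.31'
out='sudoedit: /: not a regular file'
v=$(parse_sudo_version "$banner")
version_in_affected_range "$v" && range=in-range || range=out-of-range
echo "sudo $v: $range; sudoedit test: $(classify_sudoedit_output "$out")"
```

On a real host, feed the functions the output of sudo -V and of sudoedit -s / (with stderr captured). Distribution packages can carry the fix without changing the upstream version string, so the step 3 result is the deciding one.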
Proposal:
Please check for system updates frequently and apply them.