CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

  • OS
    Any OS
  • Version
    Any Version
  • Type
    Any Type

37 fixes found:

    Version Update

    sudo security update
    Published Date:Jan 27, 2021
    Updated Date:Jan 27, 2021
    Source:Centos7
    Affected Packages:

    sudo-devel-1.8.23, sudo-1.8.23

    Version Update

    Sudo vulnerability
    Published Date:Jan 27, 2021
    Updated Date:Jan 27, 2021
    Source:Ubuntu12.04
    Affected Packages:

    sudo-1.8.3p1

    Version Update

    Sudo vulnerability
    Published Date:Jan 27, 2021
    Updated Date:Jan 27, 2021
    Source:Ubuntu14.04
    Affected Packages:

    sudo-1.8.9p5

    Version Update

    [SECURITY] [DLA 2534-1] sudo security update
    Published Date:Jan 26, 2021
    Updated Date:Jan 26, 2021
    Source:Debian9
    Affected Packages:

    sudo-1.8.19p1, sudo-ldap-1.8.19p1

    Version Update

    [SECURITY] [DSA 4839-1] sudo security update
    Published Date:Jan 26, 2021
    Updated Date:Jan 26, 2021
    Source:Debian10
    Affected Packages:

    sudo-1.8.27, sudo-ldap-1.8.27

    Version Update

    Sudo vulnerabilities
    Published Date:Jan 26, 2021
    Updated Date:Jan 26, 2021
    Source:Ubuntu16.04
    Affected Packages:

    sudo-1.8.16, sudo-ldap-1.8.16

    Version Update

    Sudo vulnerabilities
    Published Date:Jan 26, 2021
    Updated Date:Jan 26, 2021
    Source:Ubuntu20.04
    Affected Packages:

    sudo-1.8.31, sudo-ldap-1.8.31

    Version Update

    Sudo vulnerabilities
    Published Date:Jan 26, 2021
    Updated Date:Jan 26, 2021
    Source:Ubuntu20.10
    Affected Packages:

    sudo-ldap-1.9.1, sudo-1.9.1