March 29, 2023

Qualys security researchers have identified a critical sudo heap buffer overflow vulnerability that could be exploited by a rogue user to hijack a host system.

Sudo is an open source command line utility widely used in Linux and other Unix flavored operating systems. It is designed to provide management control as needed to selected trusted users.

A bug discovered by Qualys (CVE-2021-3156) Any Local users gain root-level access to vulnerable hosts with the default configuration. Qualys disclosed its findings in a coordinated release with operating system vendors, giving the wrong code a memorable name for mythical prank maker Baron Samedi.

The following versions of sudo are affected: 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1. Qualys has developed exploits for several Linux distributions, including Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). The security industry considers other distributions to be vulnerable as well.

Ubuntu and RedHat have already released patches, and distributions may have released them as well, so get them.

The report also describes how it was possible to defeat the ASLR defense mechanism aimed at blocking this type of exploit. Being introduced in July 2011 it’s not been fixed till date

Tags:

Leave a Reply

You may have missed

Apple Backports ZeroDay Patches for older devices

Apple Backports ZeroDay Patches for older devices

March 28, 2023
Apache Fineract Vulnerabilities

Apache Fineract Vulnerabilities

March 28, 2023
IceID Malware Shifting Focus to Ransomwares

IceID Malware Shifting Focus to Ransomwares

March 28, 2023
Sun Pharma suffers a Security Incident

Sun Pharma suffers a Security Incident

March 28, 2023
Twitter Source Code Leak on Git

Twitter Source Code Leak on Git

March 27, 2023
Okta Credentials Exposed via Post Exploitation Attack

Okta Credentials Exposed via Post Exploitation Attack

March 27, 2023
%d bloggers like this: