Qualys security researchers have identified a critical sudo heap buffer overflow vulnerability that could be exploited by a rogue user to hijack a host system.

Sudo is an open source command line utility widely used in Linux and other Unix flavored operating systems. It is designed to let selected trusted users run commands with elevated privileges on an as-needed basis.

The bug discovered by Qualys (CVE-2021-3156) allows any local user to gain root-level access on a vulnerable host with the default configuration. Qualys disclosed its findings in a coordinated release with operating system vendors, giving the flawed code a memorable name after the mythical trickster Baron Samedi.

The following versions of sudo are affected: 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1. Qualys has developed exploits for several Linux distributions, including Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). Other distributions are considered vulnerable as well.
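As an added example (not code from the article or from Qualys), the script below parses the version token that `sudo --version` prints and tests it against the two affected ranges listed above. Sudo's `pN` suffix is a patch level, so `1.8.31p2` sorts after `1.8.31`; the sample output embedded here is constructed for illustration.

```python
import re
import subprocess

# Affected upstream ranges as stated in the article (inclusive bounds).
AFFECTED_RANGES = [
    ("1.8.2", "1.8.31p2"),
    ("1.9.0", "1.9.5p1"),
]

# major.minor.micro with an optional "pN" patch level, e.g. 1.8.31p2
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:p(\d+))?$")

# Constructed sample of what `sudo --version` prints on a Ubuntu 20.04 host.
SAMPLE_SUDO_OUTPUT = """Sudo version 1.8.31
Sudoers policy plugin version 1.8.31
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.31
"""


def parse_sudo_version(text: str) -> tuple:
    """Turn '1.8.31p2' into a comparable tuple (1, 8, 31, 2).

    A version with no patch level gets patch 0, so 1.8.31 < 1.8.31p2.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version: {text!r}")
    major, minor, micro, patch = m.groups()
    return (int(major), int(minor), int(micro), int(patch or 0))


def extract_version(sudo_output: str) -> str:
    """Pull the version token from the 'Sudo version X' line of `sudo --version`."""
    m = re.search(r"^Sudo version (\S+)", sudo_output, re.MULTILINE)
    if not m:
        raise ValueError("no 'Sudo version' line found in output")
    return m.group(1)


def is_affected(version: str) -> bool:
    """True when the upstream version falls inside one of the affected ranges."""
    v = parse_sudo_version(version)
    return any(
        parse_sudo_version(lo) <= v <= parse_sudo_version(hi)
        for lo, hi in AFFECTED_RANGES
    )


def check_local_sudo() -> dict:
    """Run the real `sudo --version` on this host and classify the result.

    Returns a dict with the version string and whether it is in an affected range.
    """
    proc = subprocess.run(
        ["sudo", "--version"], capture_output=True, text=True, check=False
    )
    version = extract_version(proc.stdout)
    return {"version": version, "affected": is_affected(version)}


if __name__ == "__main__":
    # Demonstrate on the constructed sample first, then on the local host.
    sample_version = extract_version(SAMPLE_SUDO_OUTPUT)
    print(f"sample: {sample_version} affected={is_affected(sample_version)}")
    try:
        result = check_local_sudo()
        print(f"local: {result['version']} affected={result['affected']}")
    except (FileNotFoundError, ValueError) as exc:
        print(f"local check skipped: {exc}")
```

One caveat for anyone using this as a fleet check: distributions routinely backport the fix into a package without bumping the upstream version number, so a match against these ranges means "check the vendor advisory for your package version", not "confirmed vulnerable".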

Ubuntu and Red Hat have already released patches, and other distributions may have done so as well, so install them.

The report also describes how the ASLR defense mechanism, which is meant to block this type of exploit, could be defeated. The bug was introduced in July 2011 and had gone unfixed until this disclosure.