September 25, 2023

Qualys security researchers have identified a critical sudo heap buffer overflow vulnerability that could be exploited by a rogue user to hijack a host system.

Sudo is an open source command line utility widely used in Linux and other Unix flavored operating systems. It is designed to provide management control as needed to selected trusted users.

A bug discovered by Qualys (CVE-2021-3156) Any Local users gain root-level access to vulnerable hosts with the default configuration. Qualys disclosed its findings in a coordinated release with operating system vendors, giving the wrong code a memorable name for mythical prank maker Baron Samedi.

The following versions of sudo are affected: 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1. Qualys has developed exploits for several Linux distributions, including Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). The security industry considers other distributions to be vulnerable as well.

Ubuntu and RedHat have already released patches, and distributions may have released them as well, so get them.

The report also describes how it was possible to defeat the ASLR defense mechanism aimed at blocking this type of exploit. Being introduced in July 2011 it’s not been fixed till date

Tags:

Leave a Reply

Related Post

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023

You may have missed

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023

MGM Resorts and Ceasars Attacks – Lesson Learnt

September 23, 2023

CISA KEV Update September 2023 – Part II

September 23, 2023

Air Canada Reveals Data Exposure due to a Cyberattack

September 23, 2023

SandMan APT Group in action against Telcos

September 22, 2023
%d bloggers like this: