Bug in sudo puts Linux,Unix based systems at high risk

We use the sudo command everyday to grant specific user rights, such as installing a package, updating the package, to access root files, to start LAMPP or apache server.
Any logged-in user without administrators permission can gain root privileges using an old bug in sudo.
This bug allows any local users to gain root access without root password.



Vulnerability

CVE-2021-3156: Heap-Based Buffer Overflow in sudo
More details https://nvd.nist.gov/vuln/detail/CVE-2021-3156

Vulnerable sudo versions

  • All legacy versions from 1.8.2 to 1.8.31p2
  • All stable versions from 1.9.0 to 1.9.5p1

Check your sudo version using

sudo --version

Disclosure Timeline

  • 2021-01-13: Advisory sent to Todd.Miller@sudo
  • 2021-01-19: Advisory and patches sent to distros@openwall
  • 2021-01-26: Coordinated Release Date (6:00 PM UTC)

Proof of Concept Video 

Video Credit: blog.qualys.com

It was found that sudo incorrectly handle memory when parsing command lines. A local user can use this issue to obtain access to the administrator.
Update your systems to resolve this problem.


Ubuntu and Debian Linux:
First of all check your sudo version

sudo --version

Update the package using apt command/apt-get command

sudo apt install sudo
sudo --version

Or you can simply run the following commands

sudo apt update
sudo apt upgrade


CentOS and Fedora Linux and Red Hat Enterprise Linux 8.x/7.x 
Type dnf command or yum command to fix the bug

sudo dnf update
##or
sudo yum update

macOS
You have to wait for Apple to release the update.
Apple will take time to push updates. Do not create new user and don’t give ssh access to anyone on your MacOS.

CsCode

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top