CVE-2021-3156: Sudo Heap-Based Buffer Overflow Vulnerability Alert

On January 27, 2021, Red Hat issued a risk notice for a heap-based buffer overflow vulnerability in sudo, tracked as CVE-2021-3156. The vulnerability is rated high risk, with a CVSS v3 base score of 7.0.

An attacker who has already obtained access to the server can use this heap-based buffer overflow to gain root privileges. Currently, Debian has fixed the vulnerability, while CentOS is still affected.

Vulnerability Detail

A heap-based buffer overflow was found in the way sudo parses command-line arguments. Any local user (normal or system user, sudoer or non-sudoer) can exploit this vulnerability without authentication; the attacker does not need to know the user's password. Successful exploitation of this vulnerability grants root privileges.

How to check for this bug

Log in to the system as a non-root user and run the command sudoedit -s /

  • If you see an error that starts with sudoedit:, the system is vulnerable.
  • If you see an error starting with usage:, the patch has taken effect.
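As an added example (not part of the original advisory), the following POSIX shell helper runs the check above and classifies the result using the same two rules; the function names are my own.

```sh
#!/bin/sh
# Added example, not from the advisory: automate the `sudoedit -s /` check.
# Function names (classify_sudoedit_output, check_sudo_cve_2021_3156) are assumed.

# Classify the first line of sudoedit's error output, following the rule above:
#   "sudoedit:" prefix -> vulnerable, "usage:" prefix -> patched, anything else -> unknown.
classify_sudoedit_output() {
    first_line=$(printf '%s\n' "$1" | head -n 1)
    case "$first_line" in
        sudoedit:*) echo "vulnerable" ;;
        usage:*)    echo "patched" ;;
        *)          echo "unknown" ;;
    esac
}

# Run the probe as the current (non-root) user and print the verdict.
# Exit status: 0 = patched, 1 = vulnerable, 2 = could not decide or wrong user.
check_sudo_cve_2021_3156() {
    if [ "$(id -u)" -eq 0 ]; then
        echo "run this check as a non-root user" >&2
        return 2
    fi
    if ! command -v sudoedit >/dev/null 2>&1; then
        echo "sudoedit not found" >&2
        return 2
    fi
    out=$(sudoedit -s / 2>&1 </dev/null)
    verdict=$(classify_sudoedit_output "$out")
    echo "$verdict"
    case "$verdict" in
        patched)    return 0 ;;
        vulnerable) return 1 ;;
        *)          return 2 ;;
    esac
}
```

Source the file as an unprivileged user and call check_sudo_cve_2021_3156; the exit status makes it usable from inventory scripts.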

Demo

Affected version

  • sudo: 1.8.2 – 1.8.31p2
  • sudo: 1.9.0 – 1.9.5p1

Solution

We recommend that users upgrade sudo to the latest version promptly.