CVE-2021-3156: Sudo Heap-Based Buffer Overflow Vulnerability Alert
Attackers can use heap-based buffer overflow vulnerability to gain root privileges after obtaining server permissions. Currently, Debian has fixed the vulnerability, Centos is still affected.
Vulnerability Detail
A heap-based buffer overflow was found in the way sudo parsed command line parameters. Any local user (normal user and system user, sudoer and non-sudoers) can exploit this vulnerability without authentication, and the attacker does not need to know the user’s password. Successfully exploiting this vulnerability to gain root privileges.
How to exploit this bug
Log in to the system as a non-root user and use the command sudoedit -s /
- -If you see an error that starts with sudoedit:, it indicates that there is a vulnerability.
- -If you see an error starting with usage:, then the patch has taken effect.
Demo
Affected version
- sudo: 1.8.2 – 1.8.31p2
- sudo: 1.9.0 – 1.9.5p1