Home

CVE-2021-3156

Description

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
92.483

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 10.5Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 10.6Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.3Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
Vulnerabilities CVE-2021-1805,CVE-2021-1806,CVE-2021-3156 are fixed in MacOS Big Sur 11.2.1 - Software UpdateMac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.7 - Auto RebootMac
Multiple vulnerabilities are fixed in macOS Catalina 10.15.7 Combo Update - Auto RebootMac
sudo security update(DSA-4839-1) sudo_1.8.27-1+deb10u3_i386.debLinux
sudo security update(DSA-4839-1) sudo_1.8.27-1+deb10u3_amd64.debLinux
SUSE-SU-2021:0225-1(SUSE Linux Enterprise Server 12-SP5 ) sudo-1.8.27-4.6.1.x86_64.rpmLinux
SUSE-SU-2021:0225-1(SUSE Linux Enterprise Server 12-SP5 ) sudo-debuginfo-1.8.27-4.6.1.x86_64.rpmLinux
SUSE-SU-2021:0225-1(SUSE Linux Enterprise Server 12-SP5 ) sudo-debugsource-1.8.27-4.6.1.x86_64.rpmLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.9.1-1ubuntu1.1_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.9.1-1ubuntu1.1_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.8.31-1ubuntu1.2_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.8.31-1ubuntu1.2_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.8.16-0ubuntu1.10_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.8.16-0ubuntu1.10_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.8.21p2-3ubuntu1.4_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo_1.8.21p2-3ubuntu1.4_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.9.1-1ubuntu1.1_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.9.1-1ubuntu1.1_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.8.31-1ubuntu1.2_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.8.31-1ubuntu1.2_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.8.16-0ubuntu1.10_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.8.16-0ubuntu1.10_amd64.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.8.21p2-3ubuntu1.4_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-1) sudo-ldap_1.8.21p2-3ubuntu1.4_amd64.debLinux
(RHSA-2021:0218) sudo security update sudo-1.8.29-6.el8_3.1.x86_64.rpmLinux
(RHSA-2021:0218) sudo security update sudo-debugsource-1.8.29-6.el8_3.1.x86_64.rpmLinux
(RHSA-2021:0221) sudo security update sudo-1.8.23-10.el7_9.1.x86_64.rpmLinux
(RHSA-2021:0221) sudo security update sudo-devel-1.8.23-10.el7_9.1.i686.rpmLinux
(RHSA-2021:0221) sudo security update sudo-devel-1.8.23-10.el7_9.1.x86_64.rpmLinux
Sudo update (ELSA-2021-9019) sudo-1.8.6p3-29.0.2.el6_10.3.i686.rpmLinux
Sudo update (ELSA-2021-9019) sudo-1.8.6p3-29.0.2.el6_10.3.x86_64.rpmLinux
Sudo-devel update (ELSA-2021-9019) sudo-devel-1.8.6p3-29.0.2.el6_10.3.i686.rpmLinux
Sudo-devel update (ELSA-2021-9019) sudo-devel-1.8.6p3-29.0.2.el6_10.3.x86_64.rpmLinux
SUSE-SU-2021:1274-1(SUSE Linux Enterprise Server 12-SP5 ) sudo-1.8.27-4.15.1.x86_64.rpmLinux
SUSE-SU-2021:1274-1(SUSE Linux Enterprise Server 12-SP5 ) sudo-debuginfo-1.8.27-4.15.1.x86_64.rpmLinux
SUSE-SU-2021:1274-1(SUSE Linux Enterprise Server 12-SP5 ) sudo-debugsource-1.8.27-4.15.1.x86_64.rpmLinux
Sudo update (ELSA-2021-9169) sudo-1.8.6p3-29.0.3.el6_10.3.i686.rpmLinux
Sudo update (ELSA-2021-9169) sudo-1.8.6p3-29.0.3.el6_10.3.x86_64.rpmLinux
Sudo-devel update (ELSA-2021-9169) sudo-devel-1.8.6p3-29.0.3.el6_10.3.i686.rpmLinux
Sudo-devel update (ELSA-2021-9169) sudo-devel-1.8.6p3-29.0.3.el6_10.3.x86_64.rpmLinux
(CESA-2021:0221) sudo security update sudo-1.8.23-10.el7_9.1.x86_64.rpmLinux
(CESA-2021:0221) sudo security update sudo-devel-1.8.23-10.el7_9.1.i686.rpmLinux
(CESA-2021:0221) sudo security update sudo-devel-1.8.23-10.el7_9.1.x86_64.rpmLinux
Provide limited super user privileges to specific users (USN-4705-2) sudo_1.8.3p1-1ubuntu3.10_i386.debLinux
Provide limited super user privileges to specific users (USN-4705-2) sudo_1.8.3p1-1ubuntu3.10_amd64.debLinux
Off-by-one Error Vulnerability (CVE-2021-3156)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-605752MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-602673MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674macOS Catalina 10.15.7 Combo Update - Auto Reboot

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234