manish srivastava

Sudo vulnerability: Linux users are warned

So, my regular readers will remember my post where I explained why Docker is easily hackable!
I also covered the advantages of being rootless.

If you don't remember the links to these articles, you can search for them in my profile.

Coming to the title: yes, sudo has a vulnerability, named
CVE-2021-3156.

So what is it?

It has been given the name Baron Samedit by its discoverer.

This could allow any unprivileged local user to gain root privileges on a vulnerable host (without authentication).

This vulnerability was present for more than 10 years.

Though it only allows escalation of privilege and not remote code execution, CVE-2021-3156 could be leveraged by attackers who look to compromise Linux systems and have already managed to get access (e.g., through brute force attacks).

What to do?
1)
Run:

sudoedit -s '\' `perl -e 'print "A" x 65536'`

If you receive a usage or error message, sudo is not vulnerable. If the result is a Segmentation fault, sudo is vulnerable.

2)
Read this https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt

3)
Workaround:
None. Sudo version 1.9.5p2 or a patched vendor-supported version must be installed.
Fix:
The bug is fixed in sudo 1.9.5p2.
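
A non-crashing way to triage hosts against the fixed release named above, as an added example that is not part of the original post: it compares a sudo version string with 1.9.5p2 and flags older versions for a vendor-patch check, since distributions may backport the fix. The function names are hypothetical, and it assumes the first line of `sudo -V` reads "Sudo version X.Y.Z[pN]".

```shell
#!/bin/sh
# Added example (not from the original post): compare a sudo version
# string with the fixed upstream release named in the article.

FIXED="1.9.5p2"

# Turn "1.8.31p2" into a fixed-width sortable key "001008031002".
# Fails (exit 1) for anything that is not plain X.Y.Z or X.Y.ZpN.
version_key() {
    printf '%s\n' "$1" | awk '
        /^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$/ {
            split($0, a, /[.p]/)
            printf "%03d%03d%03d%03d", a[1], a[2], a[3], a[4]
            ok = 1
        }
        END { exit !ok }'
}

# Prints one of: fixed-upstream, check-vendor-patch, unknown.
classify_sudo_version() {
    _fixed_key=$(version_key "$FIXED")
    _key=$(version_key "$1") || { echo unknown; return 0; }
    if [ "$_key" -ge "$_fixed_key" ]; then
        echo fixed-upstream
    else
        # Older than 1.9.5p2: only safe if the vendor backported the fix,
        # so confirm against the distribution's advisory for this package.
        echo check-vendor-patch
    fi
}

# Version of the locally installed sudo (assumed output format, see lead-in).
local_sudo_version() {
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p'
}

# Run with --local to check this host; otherwise only the functions load.
if [ "${1:-}" = "--local" ]; then
    v=$(local_sudo_version)
    echo "sudo ${v:-not found}: $(classify_sudo_version "$v")"
fi
```

A result of check-vendor-patch is not a verdict: compare the installed package version with the one your distribution lists as fixed for CVE-2021-3156.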

(Currently, I can't reply on dev.to. The reason: the moderators believe one of my replies to a post was not in context with the title of the article. And I believe it was, as readers liked my reply 😂.

I am not asking them to lift the ban, as I believe it was a one-sided decision taken by dev.to, and after all the portal belongs to them 😭.

So if you reply to this post... I won't be able to reply. Keep it one-sided communication with me here if you like. However, you can reply to others.)