Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)

In recent few days before, security researchers have discovered a new heap buffer overflow vulnerability. This vulnerability can be very dangerous for your system. Because, by taking advantage of this Vulnerability, any unauthorized user can gain root privileges without having a password. This means any normal user can get root access without having any password. Once gets access, then they have the power to modify your system.

The heap-based buffer overflow flaw vulnerability is present in sudo legacy versions (1.8.2 to 1.8.31p2) and all stable versions (1.9.0 to 1.9.5p1) in their default configuration.




1. To check Linux OS release information:

┌──(mrdev㉿kali)-[~]
└─$ cat /etc/os-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2020.4"
VERSION_ID="2020.4"
VERSION_CODENAME="kali-rolling"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"
2. To check the sudo version:

┌──(mrdev㉿kali)-[~]
└─$ sudo --version
Sudo version 1.9.3p1
Sudoers policy plugin version 1.9.3p1
Sudoers file grammar version 48
Sudoers I/O plugin version 1.9.3p1
Sudoers audit plugin version 1.9.3p1
3. When sudo runs a command in shell mode, either via the -s or -i command-line option, it escapes special characters in the command’s arguments with a backslash.

┌──(mrdev㉿kali)-[~]
└─$ sudoedit -s / 
[sudo] Password for mrdev:                                                
sudoedit: /:not a regular file
When sudo runs a command in shell mode, either via the -s or -i command-line option, it escapes special characters in the command’s arguments with a backslash. 

Patch CVE-2021-3156

To fix this vulnerability you have to follow few steps:
1. Download the latest binary file from sudo official website.
2. Extract it and open the terminal from this path:
3. To compile these binary files it needs you to have “make” install in your system.

┌──(mrdev㉿kali)-[~/Desktop/sudo-1.9.5p2]
└─$ apt-get install make 
--------------------------------------------------------------------------
--------------------------------------------------------------------------
--------------------------------------------------------------------------
┌──(mrdev㉿kali)-[~/Desktop/sudo-1.9.5p2]
└─$ sudo ./configure
--------------------------------------------------------------------------
--------------------------------------------------------------------------
--------------------------------------------------------------------------
┌──(mrdev㉿kali)-[~/Desktop/sudo-1.9.5p2]
└─$ sudo make && sudo make install
--------------------------------------------------------------------------
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Patched! You are now safe.
Tags

You may like these posts

Show more

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.

If you have any doubts or any queries you can specify here.

#buttons=(Ok, Go it!) #days=(20)

Our website uses cookies to enhance your experience. Learn More
Ok, Go it!