Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Published 2021-01-26 21:15:13
Updated 2024-07-09 18:27:54
Source MITRE
View at NVD,   CVE.org
Vulnerability category: OverflowGain privilege

CVE-2021-3156 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Sudo Heap-Based Buffer Overflow Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2021-3156
Added on 2022-04-06 Action due date 2022-04-27

Exploit prediction scoring system (EPSS) score for CVE-2021-3156

95.81%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2021-3156

  • Sudo Heap-Based Buffer Overflow
    Disclosure Date: 2021-01-26
    First seen: 2021-03-12
    exploit/linux/local/sudo_baron_samedit
    A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in t

CVSS scores for CVE-2021-3156

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.2
HIGH AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
NIST
7.8
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.8
5.9
NIST

CWE ids for CVE-2021-3156

  • A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-3156

Products affected by CVE-2021-3156

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!