Linux Security
    Linux Security
    Linux Security

    ArchLinux: 202101-25: sudo: multiple issues

    Date 26 Jan 2021
    218
    Posted By LinuxSecurity Advisories
    The package sudo before version 1.9.5.p2-1 is vulnerable to multiple issues including privilege escalation and information disclosure.
    Arch Linux Security Advisory ASA-202101-25
    ==========================================
    
    Severity: Critical
    Date    : 2021-01-20
    CVE-ID  : CVE-2021-3156 CVE-2021-23239
    Package : sudo
    Type    : multiple issues
    Remote  : No
    Link    : https://security.archlinux.org/AVG-1431
    
    Summary
    =======
    
    The package sudo before version 1.9.5.p2-1 is vulnerable to multiple
    issues including privilege escalation and information disclosure.
    
    Resolution
    ==========
    
    Upgrade to 1.9.5.p2-1.
    
    # pacman -Syu "sudo>=1.9.5.p2-1"
    
    The problems have been fixed upstream in version 1.9.5.p2.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2021-3156 (privilege escalation)
    
    A serious heap-based buffer overflow has been discovered in sudo before
    version 1.9.5p2 that is exploitable by any local user. It has been
    given the name Baron Samedit by its discoverer. The bug can be
    leveraged to elevate privileges to root, even if the user is not listed
    in the sudoers file. User authentication is not required to exploit the
    bug.
    
    - CVE-2021-23239 (information disclosure)
    
    A security issue was found in sudo before version 1.9.5. A race
    condition in sudoedit could have allowed an attacker to test for the
    existence of directories in arbitrary locations in the file system.
    
    Impact
    ======
    
    Any unprivileged user can escalate privileges, and a local attacker
    could figure out file locations through a race condition.
    
    References
    ==========
    
    https://www.openwall.com/lists/oss-security/2021/01/11/2
    https://www.sudo.ws/alerts/unescape_overflow.html
    https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
    https://www.openwall.com/lists/oss-security/2021/01/26/3
    https://www.sudo.ws/repos/sudo/rev/9b97f1787804
    https://www.sudo.ws/repos/sudo/rev/a97dc92eae6b
    https://www.sudo.ws/repos/sudo/rev/049ad90590be
    https://www.sudo.ws/repos/sudo/rev/09f98816fc89
    https://www.sudo.ws/repos/sudo/rev/c125fbe68783
    https://www.sudo.ws/repos/sudo/rev/ea19d0073c02
    https://security.archlinux.org/CVE-2021-3156
    https://security.archlinux.org/CVE-2021-23239
    

    LinuxSecurity Poll

    Which is the best secure Linux distro for pentesting?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/50-which-is-the-best-secure-linux-distro-for-pentesting?task=poll.vote&format=json
    50
    radio
    [{"id":"174","title":"Kali Linux","votes":"9","type":"x","order":"1","pct":56.25,"resources":[]},{"id":"175","title":"Parrot OS","votes":"7","type":"x","order":"2","pct":43.75,"resources":[]},{"id":"176","title":"BlackArch Linux","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.