IM
IronMonkey Threat Research

CVE-2021-3156 HIGH

Published: 2021-01-26 | Last Modified: 2025-11-10 | Status: Analyzed

Description

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Additional Descriptions (1)

Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de "sudoedit -s" y un argumento de línea de comandos que termina con un solo carácter de barra invertida

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.9

Base Score: 7.2 (HIGH)

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE

Source: [email protected]

Type: Primary

Exploitability Score: 3.9

Impact Score: 10.0

Weaknesses

Source Type Description
[email protected] Primary
en CWE-193
134c704f-9b21-4f2e-91b3-4a467353bcc0 Secondary
en CWE-193

Affected Products

Vendor Product Version Update Type
sudo_project sudo * <built-in method update of dict object at 0x72a9cc627700> Application
sudo_project sudo * <built-in method update of dict object at 0x72a9b07351c0> Application
sudo_project sudo 1.9.5 <built-in method update of dict object at 0x72a9b0db5480> Application
sudo_project sudo 1.9.5 <built-in method update of dict object at 0x72a9b0c3f940> Application
fedoraproject fedora 32 <built-in method update of dict object at 0x72a9cc624580> Operating System
fedoraproject fedora 33 <built-in method update of dict object at 0x72a9cc626200> Operating System
debian debian_linux 9.0 <built-in method update of dict object at 0x72a9cc625a00> Operating System
debian debian_linux 10.0 <built-in method update of dict object at 0x72a9b0db72c0> Operating System
netapp active_iq_unified_manager - <built-in method update of dict object at 0x72a9cc6273c0> Application
netapp cloud_backup - <built-in method update of dict object at 0x72a9cc624340> Application
netapp hci_management_node - <built-in method update of dict object at 0x72a9cc6259c0> Application
netapp oncommand_unified_manager_core_package - <built-in method update of dict object at 0x72a9b0735300> Application
netapp ontap_select_deploy_administration_utility - <built-in method update of dict object at 0x72a9e526eec0> Application
netapp ontap_tools 9 <built-in method update of dict object at 0x72a9b0db4840> Application
netapp solidfire - <built-in method update of dict object at 0x72a9b0735940> Application
mcafee web_gateway 8.2.17 <built-in method update of dict object at 0x72a9b0736e40> Application
mcafee web_gateway 9.2.8 <built-in method update of dict object at 0x72a9b0db5c00> Application
mcafee web_gateway 10.0.4 <built-in method update of dict object at 0x72a9cd0c3180> Application
synology diskstation_manager_unified_controller 3.0 <built-in method update of dict object at 0x72a9cc627640> Application
synology diskstation_manager 6.2 <built-in method update of dict object at 0x72a9b0b027c0> Operating System
synology skynas_firmware - <built-in method update of dict object at 0x72a9cd0c0180> Operating System
synology vs960hd_firmware - <built-in method update of dict object at 0x72a9b0737880> Operating System
beyondtrust privilege_management_for_mac * <built-in method update of dict object at 0x72a9cc624280> Application
beyondtrust privilege_management_for_unix\/linux * <built-in method update of dict object at 0x72a9cd0c2b40> Application
oracle micros_compact_workstation_3_firmware 310 <built-in method update of dict object at 0x72a9cdf30cc0> Operating System
oracle micros_es400_firmware * <built-in method update of dict object at 0x72a9b0db47c0> Operating System
oracle micros_kitchen_display_system_firmware 210 <built-in method update of dict object at 0x72a9cc624200> Operating System
oracle micros_workstation_5a_firmware 5a <built-in method update of dict object at 0x72a9cc625cc0> Operating System
oracle micros_workstation_6_firmware * <built-in method update of dict object at 0x72a9b0c9b580> Operating System
oracle communications_performance_intelligence_center * <built-in method update of dict object at 0x72a9b0735880> Application
oracle communications_performance_intelligence_center * <built-in method update of dict object at 0x72a9b0736b00> Application
oracle tekelec_platform_distribution * <built-in method update of dict object at 0x72a9b0c99240> Application

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:sudo_project:sudo:1.9.5:-:*:*:*:*:*:*
Yes cpe:2.3:a:sudo_project:sudo:1.9.5:patch1:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Yes cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Yes cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Yes cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
Yes cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*
Yes cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
Yes cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*
Yes cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:mcafee:web_gateway:8.2.17:*:*:*:*:*:*:*
Yes cpe:2.3:a:mcafee:web_gateway:9.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:mcafee:web_gateway:10.0.4:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:beyondtrust:privilege_management_for_mac:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:beyondtrust:privilege_management_for_unix\/linux:*:*:*:*:basic:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:oracle:micros_compact_workstation_3_firmware:310:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:oracle:micros_compact_workstation_3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:oracle:micros_es400_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:oracle:micros_es400:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:oracle:micros_kitchen_display_system_firmware:210:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:oracle:micros_kitchen_display_system:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:oracle:micros_workstation_5a_firmware:5a:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:oracle:micros_workstation_5a:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:oracle:micros_workstation_6_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:oracle:micros_workstation_6:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*

References

Notification
Message here