A vulnerability in Sudo (CVE-2021-3156), a robust and near-ubiquitous open-source utility used on Linux and Unix operating systems, allows an unprivileged local user to gain root access on a vulnerable host.
“This might be the most vital Sudo vulnerability in recent memory and has been skulking in plain sight for about ten long years,” stated Mehul Revankar, Vice President of Product Management and Engineering, Qualys VMDR, who remarked that there are millions of assets susceptible to it.
Also known as Baron Samedit, the heap-based buffer overflow is present in Sudo legacy versions 1.8.2 to 1.8.31p2 and in every stable version (1.9.0 to 1.9.5p1) in its default configuration.
Sudo maintainer Todd C. Miller said: When Sudo runs a command in shell mode, either through the -i or -s command-line option, it escapes special characters in the command's arguments with a backslash. The plugin will then remove the escape characters from the arguments before evaluating the sudoers policy if the command is running in shell mode.
Qualys researchers, who reported CVE-2021-3156, provided some of the technical details and directions on how to validate whether a host runs a vulnerable version.
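A first-pass inventory check built only on the affected version ranges listed above, as an added example that is not from Qualys or the Sudo project. The function names and the sample host inventory are constructed for illustration, and a version match only flags a host for comparison against its vendor's advisory.

```python
import re

# Upstream ranges exactly as stated in the article (both ends inclusive).
AFFECTED_RANGES = [("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1")]
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse_sudo_version(text):
    """Extract (major, minor, micro, patchlevel) from text such as
    'Sudo version 1.8.31p2'. A missing pN suffix is patchlevel 0."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(part or 0) for part in match.groups())


def in_affected_range(text):
    """True if the upstream version falls inside a listed range."""
    version = parse_sudo_version(text)
    return any(
        parse_sudo_version(low) <= version <= parse_sudo_version(high)
        for low, high in AFFECTED_RANGES
    )


def triage(inventory):
    """Map host -> verdict. A hit is not proof of exposure: vendors
    backport the fix without changing the upstream version number,
    so hits must still be compared with the vendor's advisory."""
    return {
        host: "check vendor advisory" if in_affected_range(banner)
        else "outside affected range"
        for host, banner in inventory.items()
    }


# Constructed sample inventory: host name -> first line of `sudo -V`.
SAMPLE_INVENTORY = {
    "web01": "Sudo version 1.8.31p2",
    "db02": "Sudo version 1.9.5p1",
    "build03": "Sudo version 1.9.5p2",
    "legacy04": "Sudo version 1.8.1p2",
    "jump05": "Sudo version 1.8.32",
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {verdict}")
```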
Fixes are now available –
The bug has been fixed in Sudo 1.9.5p2. Ubuntu, Debian, Fedora, Red Hat, Gentoo, and others have provided patched vendor-supported versions.
A new update released on 3rd Feb around 01:10 a.m. –
Matthew Hickey (the Hacker House co-founder) has noticed that macOS Big Sur ships with Sudo and is vulnerable. This was confirmed by Will Dormann, a vulnerability analyst at the CERT/CC.
IBM AIX, a proprietary Unix OS that IBM develops for a few of its computer platforms, is also affected. The issue caused a lot of ruckus on these systems until the updates were released.
Cisco is still investigating which of its products may be affected by this vulnerability and is updating its security advisory with its findings.
A new update released on 10th Feb 01:10 a.m. –
Apple has released updates for macOS Mojave, macOS Big Sur, and macOS Catalina that fix the flaw by upgrading to Sudo version 1.9.5p2.