Sudo is a free software utility that lets a system administrator delegate the ability to run commands as another user, most commonly root, to selected users. It is available for Unix and Linux-based operating systems.
In January 2021, a research team at Qualys disclosed a heap-based buffer overflow in the Sudo utility.
The bug (CVE-2021-3156), dubbed "Baron Samedit" by Qualys, can be exploited by any local, unprivileged user to obtain root privileges, even a user who is not listed in the sudoers file and does not know the root password. In other words, any local user can gain full root-level access despite having no sudo permissions at all.
Surprisingly, the bug has been present since July 2011 and affects all Sudo legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration.
To test whether your system is vulnerable, log in as a non-root user and run:
sudoedit -s /
If the system is vulnerable, it responds with an error that starts with "sudoedit:"; if it is patched, it responds with an error that starts with "usage:". The command does not prompt for a password and does not trigger the overflow itself; it only shows whether the vulnerable sudoedit code path is still reachable.
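The following script is an added example, not part of the original article or of the Sudo project: it wraps the behaviour test described above, plus a check of the reported version against the affected ranges, in shell functions so the classification logic can be exercised on captured output. The function names, the exact usage line and the "not a regular file" message used as sample input are assumptions of this example (the sample strings are constructed here, not captured from a live system).

```shell
#!/bin/sh
# Added example (not from the original article): classify the output of
# `sudoedit -s /` as the text describes, and compare the installed sudo
# version against the ranges the advisory lists.

# classify_sudoedit_output TEXT
# TEXT is what `sudoedit -s /` wrote to stderr. Prints "vulnerable" if the
# first line starts with "sudoedit:", "patched" if it starts with "usage:",
# and "unknown" otherwise (for example when sudoedit is not installed).
classify_sudoedit_output() {
    first_line=$(printf '%s\n' "$1" | head -n 1)
    case $first_line in
        sudoedit:*) echo vulnerable ;;
        usage:*)    echo patched ;;
        *)          echo unknown ;;
    esac
}

# version_to_key VERSION
# Turns an upstream sudo version such as "1.8.31p2" into four space-separated
# integers ("1 8 31 2") so versions can be compared component by component.
# A packaging suffix such as "-1ubuntu1.2" is dropped first.
version_to_key() {
    vtk_v=$(printf '%s' "$1" | sed 's/[^0-9.p].*//')
    vtk_patch=0
    case $vtk_v in
        *p*) vtk_patch=${vtk_v##*p}; vtk_v=${vtk_v%%p*} ;;
    esac
    set -- $(printf '%s' "$vtk_v" | tr '.' ' ')
    printf '%d %d %d %d' "${1:-0}" "${2:-0}" "${3:-0}" "${vtk_patch:-0}"
}

# version_le A B
# Succeeds when version A is less than or equal to version B.
version_le() {
    set -- $(version_to_key "$1") $(version_to_key "$2")
    for pair in "$1 $5" "$2 $6" "$3 $7" "$4 $8"; do
        set -- $pair
        [ "$1" -lt "$2" ] && return 0
        [ "$1" -gt "$2" ] && return 1
    done
    return 0
}

# version_in_affected_range VERSION
# Succeeds when VERSION lies in 1.8.2..1.8.31p2 or 1.9.0..1.9.5p1.
# Caveat: distributions backport the fix without changing the upstream
# version number, so "in range" means "check further", not "vulnerable";
# the sudoedit behaviour test is the authoritative answer.
version_in_affected_range() {
    { version_le 1.8.2 "$1" && version_le "$1" 1.8.31p2; } ||
    { version_le 1.9.0 "$1" && version_le "$1" 1.9.5p1; }
}

# live_check: run both checks against the sudo installed on this host.
live_check() {
    if ! command -v sudoedit >/dev/null 2>&1; then
        echo "sudoedit not found; nothing to check"
        return 0
    fi
    # The first line of `sudo --version` looks like "Sudo version 1.9.5p2".
    version=$(sudo --version 2>/dev/null | head -n 1) || true
    version=${version##* }
    if version_in_affected_range "$version"; then
        echo "sudo $version is in the affected range (may still be patched by your distro)"
    else
        echo "sudo $version is outside the affected range"
    fi
    # The behaviour test; stdin is closed so nothing can wait for input.
    output=$(sudoedit -s / 2>&1 </dev/null) || true
    echo "sudoedit -s / says: $(classify_sudoedit_output "$output")"
}

live_check
```

Run it as an ordinary user; the version line is only a hint, and the last line of output is the one that matters, because distribution packages such as Debian's or Ubuntu's carry the fix under the old upstream version number.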
For complete technical details, you can read the blog post by Qualys.
How To Resolve the Sudo Vulnerability?
If you're using a Linux-based operating system, update your system or the Sudo package right now to fix this security flaw.
# For Ubuntu or Debian-based
$ sudo apt update && sudo apt upgrade
# For Arch Linux
$ sudo pacman -Syu
# For Fedora
$ sudo dnf update
The bug is fixed in Sudo 1.9.5p2, which you can either download from the Sudo project website or obtain through the patched packages already provided by Ubuntu, Red Hat, Debian, Fedora, Gentoo and others. Note that distribution packages often keep the older upstream version number and backport the fix, so after updating, re-run the sudoedit -s / test above rather than judging by the version string alone.