DEV Community

Cover image for CVE-2021-3156: Sudo Heap-Based Buffer Overflow Vulnerability
Freedom Coder
Freedom Coder

Posted on • Originally published at scyscan.com

CVE-2021-3156: Sudo Heap-Based Buffer Overflow Vulnerability

CVE ID

CVE-2021-3156

Vulnerability Name

Sudo Heap-Based Buffer Overflow Vulnerability

  • Project: Sudo
  • Product: Sudo

Date

  • Date Added: 2022-04-06
  • Due Date: 2022-04-27

Description

Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-3156

Related Security News

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)