Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since April 6, 2022.

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Beyondtrust
  • Privilege Management For Mac
  • Privilege Management For Unix\/linux
Debian
  • Debian Linux
Fedoraproject
  • Fedora
Mcafee
  • Web Gateway
Netapp
  • Active Iq Unified Manager
  • Cloud Backup
  • Hci Management Node
  • Oncommand Unified Manager Core Package
  • Ontap Select Deploy Administration Utility
  • Ontap Tools
  • Solidfire
Oracle
  • Communications Performance Intelligence Center
  • Micros Compact Workstation 3
  • Micros Compact Workstation 3 Firmware
  • Micros Es400
  • Micros Es400 Firmware
  • Micros Kitchen Display System
  • Micros Kitchen Display System Firmware
  • Micros Workstation 5a
  • Micros Workstation 5a Firmware
  • Micros Workstation 6
  • Micros Workstation 6 Firmware
  • Tekelec Platform Distribution
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Tus
  • Rhev Hypervisor
Sudo Project
  • Sudo
Synology
  • Diskstation Manager
  • Diskstation Manager Unified Controller
  • Skynas
  • Skynas Firmware
  • Vs960hd
  • Vs960hd Firmware

Configuration 1 [-]

OR cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
cpe:2.3:a:sudo_project:sudo:1.9.5:-:*:*:*:*:*:*
cpe:2.3:a:sudo_project:sudo:1.9.5:patch1:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:mcafee:web_gateway:8.2.17:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:9.2.8:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:10.0.4:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:a:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*

Configuration 9 [-]

OR cpe:2.3:a:beyondtrust:privilege_management_for_mac:*:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:privilege_management_for_unix\/linux:*:*:*:*:basic:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:oracle:micros_compact_workstation_3_firmware:310:*:*:*:*:*:*:*
cpe:2.3:h:oracle:micros_compact_workstation_3:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:oracle:micros_es400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:oracle:micros_es400:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:oracle:micros_kitchen_display_system_firmware:210:*:*:*:*:*:*:*
cpe:2.3:h:oracle:micros_kitchen_display_system:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:oracle:micros_workstation_5a_firmware:5a:*:*:*:*:*:*:*
cpe:2.3:h:oracle:micros_workstation_5a:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:oracle:micros_workstation_6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:oracle:micros_workstation_6:-:*:*:*:*:*:*:*

Configuration 15 [-]

OR cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6 Extended Lifecycle Support
sudo-0:1.8.6p3-29.el6_10.4 cpe:/o:redhat:rhel_els:6 RHSA-2021:0227 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 7
sudo-0:1.8.23-10.el7_9.1 cpe:/o:redhat:enterprise_linux:7 RHSA-2021:0221 2021-01-27T00:00:00Z
Red Hat Enterprise Linux 7.2 Advanced Update Support
sudo-0:1.8.6p7-17.el7_2.3 cpe:/o:redhat:rhel_aus:7.2 RHSA-2021:0226 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 7.3 Advanced Update Support
sudo-0:1.8.6p7-23.el7_3.3 cpe:/o:redhat:rhel_aus:7.3 RHSA-2021:0225 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 7.4 Advanced Update Support
sudo-0:1.8.19p2-12.el7_4.2 cpe:/o:redhat:rhel_aus:7.4 RHSA-2021:0224 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 7.4 Telco Extended Update Support
sudo-0:1.8.19p2-12.el7_4.2 cpe:/o:redhat:rhel_tus:7.4 RHSA-2021:0224 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
sudo-0:1.8.19p2-12.el7_4.2 cpe:/o:redhat:rhel_e4s:7.4 RHSA-2021:0224 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 7.6 Extended Update Support
sudo-0:1.8.23-3.el7_6.2 cpe:/o:redhat:rhel_eus:7.6 RHSA-2021:0223 2021-01-27T00:00:00Z
Red Hat Enterprise Linux 7.7 Extended Update Support
sudo-0:1.8.23-4.el7_7.3 cpe:/o:redhat:rhel_eus:7.7 RHSA-2021:0222 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 8
sudo-0:1.8.29-6.el8_3.1 cpe:/o:redhat:enterprise_linux:8 RHSA-2021:0218 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 8.1 Extended Update Support
sudo-0:1.8.25p1-8.el8_1.2 cpe:/o:redhat:rhel_eus:8.1 RHSA-2021:0220 2021-01-26T00:00:00Z
Red Hat Enterprise Linux 8.2 Extended Update Support
sudo-0:1.8.29-5.el8_2.1 cpe:/o:redhat:rhel_eus:8.2 RHSA-2021:0219 2021-01-26T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
redhat-virtualization-host-0:4.3.13-20210127.0.el7_9 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2021:0395 2021-02-03T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
redhat-virtualization-host-0:4.4.4-20210201.0.el8_3 cpe:/o:redhat:rhev_hypervisor:4.4::el8 RHSA-2021:0401 2021-02-03T00:00:00Z
References
Link Providers
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html cve-icon cve-icon
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html cve-icon cve-icon
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html cve-icon cve-icon
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html cve-icon cve-icon
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html cve-icon cve-icon
http://seclists.org/fulldisclosure/2021/Feb/42 cve-icon cve-icon
http://seclists.org/fulldisclosure/2021/Jan/79 cve-icon cve-icon
http://seclists.org/fulldisclosure/2024/Feb/3 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2021/01/26/3 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2021/01/27/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2021/01/27/2 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2021/02/15/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2021/09/14/2 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2024/01/30/6 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2024/01/30/8 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10348 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-3156 cve-icon
https://security.gentoo.org/glsa/202101-33 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20210128-0001/ cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20210128-0002/ cve-icon cve-icon
https://support.apple.com/kb/HT212177 cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM cve-icon cve-icon
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-3156 cve-icon
https://www.debian.org/security/2021/dsa-4839 cve-icon cve-icon
https://www.kb.cert.org/vuls/id/794544 cve-icon cve-icon
https://www.openwall.com/lists/oss-security/2021/01/26/3 cve-icon cve-icon
https://www.oracle.com//security-alerts/cpujul2021.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuapr2022.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuoct2021.html cve-icon cve-icon
https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt cve-icon
https://www.sudo.ws/alerts/unescape_overflow.html cve-icon
https://www.sudo.ws/stable.html#1.9.5p2 cve-icon cve-icon
https://www.synology.com/security/advisory/Synology_SA_21_02 cve-icon cve-icon
https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156 cve-icon cve-icon
History

Mon, 03 Feb 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-04-06'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 14 Jan 2025 19:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:* cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*

Wed, 18 Sep 2024 16:45:00 +0000

Type Values Removed Values Added
References

Wed, 14 Aug 2024 01:00:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-02-03T16:17:09.060Z

Reserved: 2021-01-15T00:00:00.000Z

Link: CVE-2021-3156

cve-icon Vulnrichment

Updated: 2024-08-03T16:45:51.408Z

cve-icon NVD

Status : Modified

Published: 2021-01-26T21:15:12.987

Modified: 2025-02-03T17:15:12.143

Link: CVE-2021-3156

cve-icon Redhat

Severity : Important

Publid Date: 2021-01-26T18:00:00Z

Links: CVE-2021-3156 - Bugzilla