Security 10809 Published by

Updated Sudo packages to address CVE-2021-3156, which could allow an attacker to obtain root privileges, are now available for all major Linux distributions.





CVE-2021-3156

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Sudo

CVE-2021-3156 National Vulnerability Database (NVD)

All

Download Sudo

Sudo is distributed in source and binary package formats. For information on how the binary packages are built, see the building packages page.

Download Sudo

Arch Linux

ASA-202101-25: sudo: multiple issues

A sudo security update has been released for Arch Linux.

ASA-202101-25: sudo: multiple issues

CentOS

CESA-2021:0221 Important CentOS 7 sudo Security Update

A sudo bug fix update has been released for CentOS 7.

CESA-2021:0221 Important CentOS 7 sudo Security Update

Debian GNU/Linux

ELA-351-1 sudo security update

A sudo security update has been released for Debian GNU/Linux 8 Extended LTS to address a heap-based buffer overflow vulnerability in sudo.

ELA-351-1 sudo security update

DLA 2534-1: sudo security update

A sudo security update has been released for Debian GNU/Linux 9 LTS to address a heap-based buffer overflow vulnerability.

DLA 2534-1: sudo security update

DSA 4839-1: sudo security update

A sudo security update has been released for Debian GNU/Linux 10 to address a heap-based buffer overflow vulnerability.

DSA 4839-1: sudo security update

Fedora Linux

Fedora 33 Update: sudo-1.9.5p1-1.fc33

A sudo security update has been released for Fedora 33. SECURITY: Fedora 33 Update: sudo-1.9.5p1-1.fc33

Fedora 33 Update: sudo-1.9.5p1-1.fc33

Fedora 32 Update: sudo-1.9.5p1-1.fc32

A sudo security update has been released for Fedora 32. SECURITY: Fedora 32 Update: sudo-1.9.5p1-1.fc32

Fedora 32 Update: sudo-1.9.5p1-1.fc32

Fedora 32 Update: sudo-1.9.5p2-1.fc32

A sudo security update has been released for Fedora 32. SECURITY: Fedora 32 Update: sudo-1.9.5p2-1.fc32

Fedora 32 Update: sudo-1.9.5p2-1.fc32

Fedora 33 Update: sudo-1.9.5p2-1.fc33

A sudo security update has been released for Fedora 33. SECURITY: Fedora 33 Update: sudo-1.9.5p2-1.fc33

Fedora 33 Update: sudo-1.9.5p2-1.fc33

Gentoo Linux

GLSA 202101-33 : sudo: Multiple vulnerabilities

A sudo security update has been released for Gentoo Linux. .

GLSA 202101-33 : sudo: Multiple vulnerabilities

openSUSE

openSUSE-SU-2021:0169-1: important: Security update for sudo

A sudo security update has been released for openSUSE Leap 15.1 to address three vulnerabilities.

openSUSE-SU-2021:0169-1: important: Security update for sudo

openSUSE-SU-2021:0170-1: important: Security update for sudo

A sudo security update has been released for openSUSE Leap 15.2 to address three vulnerabilities.

openSUSE-SU-2021:0170-1: important: Security update for sudo

Oracle Linux

ELSA-2021-9019 Important: Oracle Linux 6 sudo security update

A sudo security update has been released for Oracle Linux 6.

ELSA-2021-9019 Important: Oracle Linux 6 sudo security update

ELSA-2021-0221 Important: Oracle Linux 7 sudo security update

A sudo security update has been released for Oracle Linux 7. 

ELSA-2021-0221 Important: Oracle Linux 7 sudo security update

ELSA-2021-0221 Important: Oracle Linux 7 sudo security update (aarch64)

A sudo security update (aarch64) has been released for Oracle Linux 7.

ELSA-2021-0221 Important: Oracle Linux 7 sudo security update (aarch64)

ELSA-2021-0218 Important: Oracle Linux 8 sudo security update

A sudo security update has been released for Oracle Linux 8.

ELSA-2021-0218 Important: Oracle Linux 8 sudo security update

Red Hat Enterprise Linux

RHSA-2021:0223-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 7.6. RHSA-2021:0223-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0223-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0223-01: Important: sudo security update

RHSA-2021:0222-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 7.7. RHSA-2021:0222-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0222-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0222-01: Important: sudo security update

RHSA-2021:0221-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 7. RHSA-2021:0221-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0221-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:022 ...

RHSA-2021:0221-01: Important: sudo security update

RHSA-2021:0224-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 7.4. RHSA-2021:0224-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0224-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0224-01: Important: sudo security update

RHSA-2021:0227-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 6. RHSA-2021:0227-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0227-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:022 ...

RHSA-2021:0227-01: Important: sudo security update

RHSA-2021:0219-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 8.2. RHSA-2021:0219-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0219-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0219-01: Important: sudo security update

RHSA-2021:0225-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 7.3. RHSA-2021:0225-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0225-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0225-01: Important: sudo security update

RHSA-2021:0218-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 8. RHSA-2021:0218-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0218-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:021 ...

RHSA-2021:0218-01: Important: sudo security update

RHSA-2021:0220-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 8.1. RHSA-2021:0220-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0220-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0220-01: Important: sudo security update

RHSA-2021:0226-01: Important: sudo security update

A sudo security update has been released for Red Hat Enterprise Linux 7.2. RHSA-2021:0226-01: Important: sudo security update= Red Hat Security AdvisorySynopsis:Important: sudo security update Advisory ID: RHSA-2021:0226-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0 ...

RHSA-2021:0226-01: Important: sudo security update

Slackware Linux

Sudo (SSA:2021-026-01)

A sudo security update has been released for Slackware Linux 14.0, 14.1, 14.2, and -current to fix security issues.

Sudo (SSA:2021-026-01)

Ubuntu Linux

USN-4705-1: Sudo vulnerabilities

A sudo security update has been released for Ubuntu Linux 16.04 LTS, 18.04 LTS, 20.04 LTS, and 20.10.

USN-4705-1: Sudo vulnerabilities

USN-4705-2: Sudo vulnerability

Updated Sudo packages has been released for Ubuntu 12.04 ESM and 14.04 ESM.

USN-4705-2: Sudo vulnerability