CVE-2021-3156
HIGH | Platform: macOS | Changelog
CVE Details
Description
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 7.8 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Weakness
References
- Apple Security Advisory
- NVD Entry
- http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html (Exploit, Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html (Exploit, Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html (Exploit, Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html (Exploit, Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html (Exploit, Third Party Advisory, VDB Entry)
- http://seclists.org/fulldisclosure/2021/Feb/42 (Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2021/Jan/79 (Exploit, Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2024/Feb/3 (Exploit, Mailing List, Third Party Advisory)