Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
  • Security flaw in Sudo - Heap-Based Buffer Overflow allow root access | jimiwikman.se
    Kryptera.se

    On Kryptera.se, writes the IT security specialist Jonas Lejon who has worked with encryption and qualified IT security for over 18 years. The site is independent and non-profit.

    Jonas is one of Sweden's foremost experts in cyber security. Feel free to contact him on telephone number 010 1889848 or jonas@triop.se if your organization needs help with cyber security. You can also contact me on LinkedIn or Twitter.

    This article has been reposted with permission from Jonas Lejon.

    Security flaw in Sudo - Heap-Based Buffer Overflow allow root access

    Posted , 319 views, 0 comments License CC-BY-4.0

    A new security flaw has been identified in the sudo software. Sudo, which is installed by default in many operating systems, is by default setuid root. This means that any shortcomings can lead to local users being able to obtain root permissions.

    Over the years, sudo has also become larger and more features have been added. This has i.a. led to OpenBSD now having an option called doas.

    Yesterday, the American security company Qualys reported that they had identified a vulnerability in sudo (CVE-2021-3156). The vulnerability allows a local user to exploit a heap vulnerability and thus become rooted. The bug has been around since 2011 and is found in the standard configuration. It is important to point out that it is included in the standard configuration, as many vulnerabilities discovered in sudo require special configurations.

    The vulnerability is found in the set_cmnd () function and can be most easily triggered by using sudoedit and the following command:

    sudoedit -s '\' `perl -e 'print "A" x 65536'` 

    And if you are vulnerable, you get a segfault. Please note that you need a local account but not a member of sudoers or similar. And that not all installations have sudoedit, such as macOS.

    Video from Qualys showing vulnerability:

     

    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...