Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Metrics
Affected Vendors & Products
References
History
Wed, 14 Aug 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-26T00:00:00
Updated: 2024-08-03T16:45:51.408Z
Reserved: 2021-01-15T00:00:00
Link: CVE-2021-3156
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-01-26T21:15:12.987
Modified: 2024-07-09T18:27:53.967
Link: CVE-2021-3156
Redhat