A security vulnerability has been discovered in the sudo program, which is commonly used on Linux systems to allow authorised users to perform privileged operations. By exploiting this vulnerability, unprivileged users may be able to gain root access without the proper authorisation.
This requires access to a local user account, and is not by itself remotely exploitable, however it could potentially be combined with other vulnerabilities, for example a remote code execution (RCE) vulnerability in a web application such as an old version of WordPress, to allow a remote attacker to gain root access to a server.
A more detailed explanation of the vulnerability can be found at https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit. Additional information can be found at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156.
The major Linux distributions have already released patched versions of their sudo packages that fix this vulnerability, and we are working to install these on all managed servers as quickly as possible. If you have an unmanaged Linux server, then we recommend you ensure that sudo is either not installed, or has been updated to one of the fixed versions listed below:
- CentOS/Red Hat Enterprise Linux 7 - 1.8.23-10.el7_9.1
- CentOS/Red Hat Enterprise Linux 8 - 1.8.29-6.el8_3.1
- Debian 9 (Stretch) - 1.8.19p1-2.1+deb9u3
- Debian 10 (Buster) - 1.8.27-1+deb10u3
- Ubuntu 16.04 LTS (Xenial Xerus) - 1.8.16-0ubuntu1.10
- Ubuntu 18.04 LTS (Bionic Beaver) - 1.8.21p2-3ubuntu1.4
- Ubuntu 20.04 LTS (Focal Fossa) - 1.8.31-1ubuntu1.2
- Ubuntu 20.10 (Groovy Gorilla) - 1.9.1-1ubuntu1.1
On CentOS/Red Hat Enterprise Linux systems, you can check the currently installed version of sudo (if any) with:
# rpm -q sudo
and update if necessary with:
# yum update sudo
On Debian/Ubuntu systems, you can check the currently installed version
with:
# dpkg -l sudo
and update with:
# apt-get update && apt-get --only-upgrade install sudo
We also recommend that any web applications, plugins, themes etc. are kept up-to-date to reduce the risk of this or other future vulnerabilities being exploited by remote attackers.