Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 14 Aug 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-26T00:00:00
Updated: 2024-09-18T16:41:27.031257
Reserved: 2021-01-15T00:00:00
Link: CVE-2021-3156
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-01-26T21:15:12.987
Modified: 2024-11-21T06:21:01.083
Link: CVE-2021-3156
Redhat