CVE-2021-3156

Published: Jan 26, 2021

Modified: Oct 21, 2025

PUBLISHED

Description

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update

mailing-list

20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)

mailing-list

[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)

mailing-list

GLSA-202101-33

vendor-advisory

DSA-4839

vendor-advisory

FEDORA-2021-2cb63d912a

vendor-advisory

FEDORA-2021-8840cbdccd

vendor-advisory

[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)

mailing-list

[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)

mailing-list

20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

vendor-advisory

VU#794544

third-party-advisory

20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002

mailing-list

[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit

mailing-list

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.sudo.ws/stable.html#1.9.5p2

https://www.openwall.com/lists/oss-security/2021/01/26/3

http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html

https://security.netapp.com/advisory/ntap-20210128-0002/

https://security.netapp.com/advisory/ntap-20210128-0001/

http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html

http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html

http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html

https://support.apple.com/kb/HT212177

https://kc.mcafee.com/corporate/index?page=content&id=SB10348

https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability

https://www.synology.com/security/advisory/Synology_SA_21_02

[oss-security] 20210914 Re: Oracle Solaris membership in the distros list

mailing-list

https://www.oracle.com/security-alerts/cpuoct2021.html

https://www.oracle.com/security-alerts/cpuapr2022.html

[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()

mailing-list

[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()

mailing-list

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()

mailing-list

https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-3156

Description

Affected Products

References