Sudo Vulnerability May Allow Unauthorized Root Access

A new vulnerability (CVE-2021-3156) in the powerful sudo utility could allow any unprivileged local user to gain root privileges on a vulnerable host (without authentication), reports Zeljka Zorz.

The open source sudo utility is widely used on Linux systems. The bug fix for sudo 1.9.5p2 is now available for download, and patched vendor-supported versions have been provided by Ubuntu, Red Hat, Debian, Fedora, Gentoo, and others.

Read more at HelpNetSecurity

Comments