Sudo.Heap.Overflow.CVE-2021-3156.Privilege.Elevation.

Description

This indicates an attack attempt to exploit an Elevation of Privilege vulnerability in Sudo. The vulnerability is due to an error in the vulnerable application when handling maliciously crafted input. A remote attacker may be able to exploit this to elevate their privileges on vulnerable systems.

Outbreak Alert

FortiGuard Labs continues to observe attack attempts exploiting the vulnerabilities highlighted in the recent CISA advisory about Russian military cyber actors. These actors are targeting U.S. and global critical infrastructure to conduct espionage, steal data, and compromise or destroy sensitive information.


Affected Products

All POSIX systems that include sudo (e.g. Linux) since July 2011 (commit 8255ed69).
Sudo versions: 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1, in their default configuration.
Confirmed OS: Ubuntu 16.04, Ubuntu 20.04, Debian 10, Fedora 33, Arch Linux 20210115. Other OS might be impacted.

Impact

Privilege Escalation: Remote attackers can elevate their privileges on vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
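
To decide which hosts still need the patch, the version ranges listed under Affected Products can be checked mechanically. The script below is an added example, not FortiGuard or sudo project code; the function names `ver_key` and `classify_sudo` and the `--local` switch are hypothetical, and the sample versions in the loop are constructed.

```shell
#!/bin/sh
# Added example: compare a sudo version string with the ranges listed above.
# "listed" means the upstream version falls in 1.8.2-1.8.31p2 or 1.9.0-1.9.5p1.
# Distribution packages can carry a backported fix under an unchanged version,
# so treat "listed" as "confirm against the vendor advisory", not as proof.

# ver_key: print a sortable integer for versions such as 1.8.31p2 or 1.9.0.
# Returns non-zero for anything else (betas, release candidates, junk).
ver_key() {
    v=$1 p=0
    case $v in
        ''|*[!0-9.p]*|*p*p*) return 1 ;;
        *p*) p=${v#*p}; v=${v%p*}
             case $p in ''|*[!0-9]*) return 1 ;; esac ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $v; IFS=$old_ifs
    [ $# -ge 2 ] && [ $# -le 3 ] || return 1
    for f in "$@"; do
        case $f in ''|*[!0-9]*) return 1 ;; esac
    done
    echo $(( $1 * 1000000000 + $2 * 1000000 + ${3:-0} * 1000 + p ))
}

# classify_sudo: print listed, not-listed or unknown for one version string.
classify_sudo() {
    k=$(ver_key "$1") || { echo unknown; return 0; }
    if [ "$k" -ge "$(ver_key 1.8.2)" ] && [ "$k" -le "$(ver_key 1.8.31p2)" ]; then
        echo listed
    elif [ "$k" -ge "$(ver_key 1.9.0)" ] && [ "$k" -le "$(ver_key 1.9.5p1)" ]; then
        echo listed
    else
        echo not-listed
    fi
}

# Constructed sample versions, so the script shows output on any machine.
for s in 1.8.31 1.8.32 1.9.5p1 1.9.5p2 1.9.0rc1; do
    echo "$s: $(classify_sudo "$s")"
done

# With --local, classify the sudo binary installed on this host.
if [ "${1:-}" = "--local" ] && command -v sudo >/dev/null 2>&1; then
    ver=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
    echo "local sudo $ver: $(classify_sudo "$ver")"
fi
```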