Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:1273-1

Опубликовано: 20 апр. 2021
Источник: suse-cvrf

Описание

Security update for sudo

This update for sudo fixes the following issues:

  • L3: Tenable Scan reports sudo is vulnerable to CVE-2021-3156 (bsc#1183936)

Список пакетов

HPE Helion OpenStack 8
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-Azure-BYOS
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-EC2-HVM-BYOS
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-GCE-BYOS
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-Azure
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-Azure-BYOS
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-EC2-HVM
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-GCE
sudo-1.8.20p2-3.23.1
Image SLES12-SP4-SAP-GCE-BYOS
sudo-1.8.20p2-3.23.1
SUSE Linux Enterprise Server 12 SP3-BCL
sudo-1.8.20p2-3.23.1
SUSE Linux Enterprise Server 12 SP3-LTSS
sudo-1.8.20p2-3.23.1
SUSE Linux Enterprise Server 12 SP4-LTSS
sudo-1.8.20p2-3.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
sudo-1.8.20p2-3.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
sudo-1.8.20p2-3.23.1
SUSE OpenStack Cloud 8
sudo-1.8.20p2-3.23.1
SUSE OpenStack Cloud 9
sudo-1.8.20p2-3.23.1
SUSE OpenStack Cloud Crowbar 8
sudo-1.8.20p2-3.23.1
SUSE OpenStack Cloud Crowbar 9
sudo-1.8.20p2-3.23.1

Ссылки

Описание

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Затронутые продукты
HPE Helion OpenStack 8:sudo-1.8.20p2-3.23.1
Image SLES12-SP4-Azure-BYOS:sudo-1.8.20p2-3.23.1
Image SLES12-SP4-EC2-HVM-BYOS:sudo-1.8.20p2-3.23.1
Image SLES12-SP4-GCE-BYOS:sudo-1.8.20p2-3.23.1
Ссылки