Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3156

Опубликовано: 26 янв. 2021
Источник: ubuntu
Приоритет: high
EPSS Критический
CVSS2: 7.2
CVSS3: 7.8

Описание

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

РелизСтатусПримечание
bionic

released

1.8.21p2-3ubuntu1.4
devel

released

1.9.4p2-2ubuntu2
esm-infra-legacy/trusty

released

1.8.9p5-1ubuntu1.5+esm6
esm-infra/bionic

released

1.8.21p2-3ubuntu1.4
esm-infra/focal

released

1.8.31-1ubuntu1.2
esm-infra/xenial

released

1.8.16-0ubuntu1.10
focal

released

1.8.31-1ubuntu1.2
groovy

released

1.9.1-1ubuntu1.1
precise/esm

not-affected

1.8.3p1-1ubuntu3.10
trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 100%
0.92309
Критический

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3156

CVSS3: 7.8
redhat
около 5 лет назад

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

nvd логотип

CVE-2021-3156

CVSS3: 7.8
nvd
около 5 лет назад

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

debian логотип

CVE-2021-3156

CVSS3: 7.8
debian
около 5 лет назад

Sudo before 1.9.5p2 contains an off-by-one error that can result in a ...

suse-cvrf логотип

openSUSE-SU-2021:0602-1

suse-cvrf
почти 5 лет назад

Security update for sudo

suse-cvrf логотип

SUSE-SU-2024:4389-1

suse-cvrf
около 1 года назад

Security update for sudo

EPSS

Процентиль: 100%
0.92309
Критический

7.2 High

CVSS2

7.8 High

CVSS3