Another Sudo Root Privilege Escalation Vulnerability Got Patched, Update Now
Sudo 1.9.5p2 was released today and it addresses two security issues. The first, CVE-2021-3156 (a.k.a. Baron Samedit), was discovered by Qualys Research Labs and could allow local users (sudoers and non-sudoers) to obtain unintended access to the root (system administrator) account.
In addition, the new release patches CVE-2021-23239, a vulnerability discovered in Sudo’s sudoedit utility, which could allow a local attacker to bypass file permissions and determine if a directory exists or not. This security flaw affected Sudo versions before 1.9.5.
- Login or register to post comments
- Printer-friendly version
- 6542 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
BleepingComputer
New Linux SUDO flaw lets local users gain root privileges
Anti-Linux writers rejoice
10-years-old Sudo bug lets Linux users gain root-level access
The original
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
Sudo vulnerability allows attackers to gain root privileges...
Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)
3 More
10-year-old Sudo Bug Lets Linux Users Gain Root-Level Access
Sudo Flaw Gives Linux Users Root Access | Decipher
Serious 10-year-old flaw in Linux sudo command; a new version patches it | Network World
Critical Vulnerability Patched in 'sudo' Utility...
Critical Vulnerability Patched in 'sudo' Utility...
PSA: If your PC runs Linux, you should update Sudo now
PSA: If your PC runs Linux, you should update Sudo now
An unpleasant sudo vulnerability
An unpleasant sudo vulnerability
Sudo Bug Gives Root Access to Mass Numbers of Linux Systems
Sudo Bug Gives Root Access to Mass Numbers of Linux Systems
Decade-old vulnerability is still affecting most Linux distro
Decade-old vulnerability is still affecting most Linux distros
Cyber Command, NSA warn to patch decade-old sudo vulnerability
Cyber Command, NSA warn to patch decade-old sudo vulnerability
‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug
‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access
Sudo Vulnerability 2021: 'Baron Samedit' Bug on Linux...
Sudo Vulnerability 2021: 'Baron Samedit' Bug on Linux Gives Attackers Free Root-Level Access
Three more pieces
Bug in Linux sudo command could give any user root access
Weekly threat roundup: Apple, SonicWall, Linux Sudo
Decade-Old Sudo Flaw Discovered
Sudo Vulnerability Discovered
Sudo Vulnerability Discovered: How To Protect Your System From Baron Samedit - Front Page Linux
Researchers: Beware of 10-Year-Old Linux Vulnerability
Researchers: Beware of 10-Year-Old Linux Vulnerability
This Week In Security: Sudo, Database Breaches, And Ransomware
This Week In Security: Sudo, Database Breaches, And Ransomware
Linux sudo exploit gives root access
Linux sudo exploit gives root access
"Linux Flaw"
The Linux Flaw you can't afford to Ignore (CVE-2021-3156) [Ed: It is not a "Linux flaw" but a sudo flaw and it affects systems that are not Linux]