CVE-2021-3156

7.8 / 10
HIGH

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Weakness: Out-of-bounds Write

The software writes data past the end, or before the beginning, of the intended buffer.

Published: 2021-01-26


CVE-2021-3156 Exploits (40)

