sudo before v1.9.5p2 has a Heap-based buffer overflow, allowing privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character.
sudo
v1.9.5p2
sudoedit -s
I'm wondering if it is enough to run:
sudo apt update
on a Ubuntu server to fix CVE-2021-3156?
CVE-2021-3156
I've been doing some reading but I haven't found any concrete answer, I guess because it is a very recent issue.
Thanks you!
You need to update APT's package list and then install the upgrade:
sudo apt-get update sudo apt-get --only-upgrade install sudo
1.4m articles
1.4m replys
5 comments
56.9k users