ubuntu - How to fix CVE-2021-3156

Question

Welcome To Ask or Share your Answers For Others

ubuntu - How to fix CVE-2021-3156

posted Oct 7, 2021 in Technique[技术] by 深蓝 (71.8m points)

ubuntu - How to fix CVE-2021-3156

sudo before v1.9.5p2 has a Heap-based buffer overflow, allowing privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character.

I'm wondering if it is enough to run:

sudo apt update

on a Ubuntu server to fix CVE-2021-3156?

I've been doing some reading but I haven't found any concrete answer, I guess because it is a very recent issue.

Thanks you!

question from:https://stackoverflow.com/questions/65919828/how-to-fix-cve-2021-3156

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-06T19:08:52+0000

You need to update APT's package list and then install the upgrade:

sudo apt-get update
sudo apt-get --only-upgrade install sudo

Categories

ubuntu - How to fix CVE-2021-3156

ubuntu - How to fix CVE-2021-3156

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags