All vulnerabilities
CVE-2021-3156
Sudo Heap-Based Buffer Overflow Vulnerability
Sudo — Sudo
- Added to KEV catalog
- 6 April 2022
- Federal remediation due date
- 27 April 2022
- Weakness classification (CWE)
- CWE-122, CWE-193
CISA Description
Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-3156
More Sudo Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services