Rewterz

Rewterz Threat Advisory – CVE-2020-9492 – Apache Hadoop privilege escalation

January 27, 2021
Rewterz

Rewterz Threat Alert – DanaBot Malware Makes a Return

January 27, 2021

Rewterz Threat Advisory – CVE-2021-3156 – Linux SUDO buffer overflow

Severity

High

Analysis summary

CVE-2021-3156 

Sudo is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing command line arguments. By sending an “sudoedit -s” and a command-line argument that ends with a single backslash character, a local attacker could overflow a buffer and execute arbitrary code on the system with root privileges.

Impact

Privileges escalation

Affected Vendors

Linux

Affected Products

1.9.0 to 1.9.5p1

Remediation

Upgrade to the latest version of Sudo (1.9.5p2 or later).

Sudo Web site

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.