Skip to content

sudo vulnerability #665

Answered by crramirez
vmelamed asked this question in Q&A
Jan 27, 2021 · 1 comments · 1 reply
Discussion options

You must be logged in to vote

Hello,

Yes.

apt-get changelog sudo

sudo (1.9.5p1-1.1) unstable; urgency=high

  * Non-maintainer upload.
  * Heap-based buffer overflow (CVE-2021-3156)
    - Reset valid_flags to MODE_NONINTERACTIVE for sudoedit
    - Add sudoedit flag checks in plugin that are consistent with front-end
    - Fix potential buffer overflow when unescaping backslashes in user_args
    - Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL
    - Don't assume that argv is allocated as a single flat buffer

 -- Salvatore Bonaccorso <[email protected]>  Wed, 20 Jan 2021 10:11:47 +0100

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@symbiont-val-melamed
Comment options

Answer selected by crramirez
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
3 participants