Exploited
8.4
CWE
119 193
Advisory Published
CVE Published
Updated

CVE-2021-3156: Sudo Heap-Based Buffer Overflow Vulnerability

First published: Tue Jan 19 2021(Updated: )

A heap-based buffer overflow was found in the way sudo parses command line arguments. As per the researcher this vulnerability: - is exploitable by any local user (normal users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to know the user's password); - was introduced in July 2011 (commit 8255ed69), and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1, in their default configuration. This could lead to privilege escalation.

Credit: cve@mitre.org Qualys cve@mitre.org

Affected SoftwareAffected VersionHow to fix
debian/sudo
1.8.27-1+deb10u3
1.8.27-1+deb10u5
1.9.5p2-3+deb11u1
1.9.13p3-1+deb12u1
1.9.14p2-1
redhat/sudo<1.9.5
1.9.5
IBM InfoSphere Guardium z/OS<=10.5
IBM InfoSphere Guardium z/OS<=10.6
IBM InfoSphere Guardium z/OS<=11.0
IBM InfoSphere Guardium z/OS<=11.1
IBM InfoSphere Guardium z/OS<=11.2
IBM InfoSphere Guardium z/OS<=11.3
Apple macOS<11.2.1
11.2.1
Apple macOS Supplemental Update<10.15.7
10.15.7
macOS Mojave<10.14.6
10.14.6
CentOS Sudo
Sudo>=1.8.2<1.8.32
Sudo>=1.9.0<1.9.5
Sudo=1.9.5
Sudo=1.9.5-patch1
Red Hat Fedora=32
Red Hat Fedora=33
Debian Linux=9.0
Debian Linux=10.0
NetApp Active IQ Unified Manager for VMware vSphere
NetApp Cloud Backup
NetApp SolidFire & HCI Management Node
NetApp OnCommand Unified Manager for Windows
NetApp ONTAP Select Deploy
NetApp ONTAP Tools for VMware vSphere=9
NetApp SolidFire & HCI Storage Node
McAfee Web Gateway Cloud Service=8.2.17
McAfee Web Gateway Cloud Service=9.2.8
McAfee Web Gateway Cloud Service=10.0.4
Synology DiskStation Manager=3.0
Synology Photos Diskstation Manager=6.2
All of
Synology SkyNAS Firmware
Synology SkyNAS Firmware
All of
Synology VS960HD
Synology VS960HD Firmware
BeyondTrust Privilege Management for Windows and Mac<21.1.1
BeyondTrust Privilege Management for Unix/Linux<10.3.2-10
All of
Oracle MICROS Compact Workstation 3=310
Oracle Micros Compact Workstation 3 Firmware
All of
Oracle Micros ES400 Firmware>=400<=410
Oracle Micros ES400 Firmware
All of
Oracle MICROS Kitchen Display System=210
Oracle Micros Kitchen Display System Firmware
All of
Oracle Micros Lucas=5a
Oracle Micros Workstation 5A Firmware
All of
Oracle MICROS Workstation 6>=610<=655
Oracle Micros Workstation 6 Firmware
Oracle Communications Performance Intelligence Center>=10.3.0.0.0<=10.3.0.2.1
Oracle Communications Performance Intelligence Center>=10.4.0.1.0<=10.4.0.3.1
Oracle Tekelec Platform Distribution>=7.4.0<=7.7.1
Synology Photos Diskstation Manager=6.2
Synology SkyNAS Firmware
Synology SkyNAS Firmware
Synology VS960HD
Synology VS960HD Firmware
Oracle MICROS Compact Workstation 3=310
Oracle Micros Compact Workstation 3 Firmware
Oracle Micros ES400 Firmware>=400<=410
Oracle Micros ES400 Firmware
Oracle MICROS Kitchen Display System=210
Oracle Micros Kitchen Display System Firmware
Oracle Micros Lucas=5a
Oracle Micros Workstation 5A Firmware
Oracle MICROS Workstation 6>=610<=655
Oracle Micros Workstation 6 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

  • What is the vulnerability ID for this vulnerability?

    The vulnerability ID for this vulnerability is CVE-2021-3156.

  • What is the title of this vulnerability?

    The title of this vulnerability is Sudo Heap-Based Buffer Overflow Vulnerability.

  • What is the description of this vulnerability?

    The description of this vulnerability is that Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

  • Which software is affected by this vulnerability?

    The affected software includes Sudo, macOS Big Sur (up to version 11.2.1), macOS Catalina Supplemental Update (up to version 10.15.7), and macOS Mojave (up to version 10.14.6).

  • Where can I find more information about this vulnerability?

    More information about this vulnerability can be found at the following reference: [https://support.apple.com/en-us/HT212177](https://support.apple.com/en-us/HT212177).

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203