CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

Comments

5 comments

  • vacancy
    Sudo packages are being updated in the latest cPanel update. My servers are updated automatically. If you want to update manually, you can use the yum -y upgrade command. The package in which the vulnerability was fixed: sudo.x86_64 0:1.8.23-10.el7_9.1 (Red Hat / CentOS 7)
    0
  • chposter
    CloudLinux, however, has still not updated the package. I am changing the perms of /usr/bin/sudo to 000 until the update.
    0
  • cPRex Jurassic Moderator
    Hey hey! CentOS already has this resolved, and CloudLinux has said they'll have a patch within the next 1-3 days :D
    0
  • vacancy
    CloudLinux published an update. You can update with the commands below:
        yum clean all
        yum -y update sudo*
    0
  • cPRex Jurassic Moderator
    That came out even quicker than they told me this morning :D
    0