Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HBeyondtrust Privilege Management For Mac
APPBeyondtrust< 21.1.1Beyondtrust Privilege Management For Unix\/linux
APPBeyondtrust< 10.3.2-10Debian
OSDebian10.09.0Fedora Project Fedora
OSFedoraproject3233Mcafee Web Gateway
APPMcafee10.0.48.2.179.2.8Netapp Active Iq Unified Manager
APPNetappwszystkie wersjeNetapp Cloud Backup
APPNetappwszystkie wersjeNetapp Hci Management Node
APPNetappwszystkie wersjeNetapp Oncommand Unified Manager Core Package
APPNetappwszystkie wersjeNetapp Ontap Select Deploy Administration Utility
APPNetappwszystkie wersjeNetapp Ontap Tools
APPNetapp9Netapp Solidfire
APPNetappwszystkie wersjeOracle Communications Performance Intelligence Center
APPOracle10.3.0.0.0 – 10.3.0.2.110.4.0.1.0 – 10.4.0.3.1Oracle Micros Compact Workstation 3
HWOraclewszystkie wersjeOracle Micros Compact Workstation 3 Firmware
OSOracle310Oracle Micros Es400
HWOraclewszystkie wersjeOracle Micros Es400 Firmware
OSOracle400 – 410Oracle Micros Kitchen Display System
HWOraclewszystkie wersjeOracle Micros Kitchen Display System Firmware
OSOracle210Oracle Micros Workstation 5a
HWOraclewszystkie wersjeOracle Micros Workstation 5a Firmware
OSOracle5aOracle Micros Workstation 6
HWOraclewszystkie wersjeOracle Micros Workstation 6 Firmware
OSOracle610 – 655Oracle Tekelec Platform Distribution
APPOracle7.4.0 – 7.7.1Sudo Project Sudo
APPSudo Project1.9.51.8.2 – 1.8.32 (bez)1.9.0 – 1.9.5 (bez)Synology Diskstation Manager
OSSynology6.2Synology Diskstation Manager Unified Controller
APPSynology3.0Synology Skynas
HWSynologywszystkie wersjeSynology Skynas Firmware
OSSynologywszystkie wersjeSynology Vs960hd
HWSynologywszystkie wersje
CISA KEV — detailsi
- Vendori
- Sudo
- Producti
- Sudo
- Added to KEVi
- April 6, 2022
- Remediation deadline (US Federal)i
- April 27, 2022(overdue)
Required action (CISA)i
Apply updates per vendor instructions.
CISA descriptioni
Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.
🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
⏰CISA DEADLINE: 27 kwietnia 2022
Tags
LPEMemory
References
Related vulnerabilities
CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt
GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER
CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt
RCE przez deserializację PHP w Roundcube Webmail (parametr _from)
CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)
CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki