HIGH🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2021-3156

CVSS 7.8v3.1pub. 2021-01-26upd. 2025-11-10

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Beyondtrust Privilege Management For Mac

    APP
    Beyondtrust
    < 21.1.1
  • Beyondtrust Privilege Management For Unix\/linux

    APP
    Beyondtrust
    < 10.3.2-10
  • Debian

    OS
    Debian
    10.09.0
  • Fedora Project Fedora

    OS
    Fedoraproject
    3233
  • Mcafee Web Gateway

    APP
    Mcafee
    10.0.48.2.179.2.8
  • Netapp Active Iq Unified Manager

    APP
    Netapp
    wszystkie wersje
  • Netapp Cloud Backup

    APP
    Netapp
    wszystkie wersje
  • Netapp Hci Management Node

    APP
    Netapp
    wszystkie wersje
  • Netapp Oncommand Unified Manager Core Package

    APP
    Netapp
    wszystkie wersje
  • Netapp Ontap Select Deploy Administration Utility

    APP
    Netapp
    wszystkie wersje
  • Netapp Ontap Tools

    APP
    Netapp
    9
  • Netapp Solidfire

    APP
    Netapp
    wszystkie wersje
  • Oracle Communications Performance Intelligence Center

    APP
    Oracle
    10.3.0.0.0 – 10.3.0.2.110.4.0.1.0 – 10.4.0.3.1
  • Oracle Micros Compact Workstation 3

    HW
    Oracle
    wszystkie wersje
  • Oracle Micros Compact Workstation 3 Firmware

    OS
    Oracle
    310
  • Oracle Micros Es400

    HW
    Oracle
    wszystkie wersje
  • Oracle Micros Es400 Firmware

    OS
    Oracle
    400 – 410
  • Oracle Micros Kitchen Display System

    HW
    Oracle
    wszystkie wersje
  • Oracle Micros Kitchen Display System Firmware

    OS
    Oracle
    210
  • Oracle Micros Workstation 5a

    HW
    Oracle
    wszystkie wersje
  • Oracle Micros Workstation 5a Firmware

    OS
    Oracle
    5a
  • Oracle Micros Workstation 6

    HW
    Oracle
    wszystkie wersje
  • Oracle Micros Workstation 6 Firmware

    OS
    Oracle
    610 – 655
  • Oracle Tekelec Platform Distribution

    APP
    Oracle
    7.4.0 – 7.7.1
  • Sudo Project Sudo

    APP
    Sudo Project
    1.9.51.8.2 – 1.8.32 (bez)1.9.0 – 1.9.5 (bez)
  • Synology Diskstation Manager

    OS
    Synology
    6.2
  • Synology Diskstation Manager Unified Controller

    APP
    Synology
    3.0
  • Synology Skynas

    HW
    Synology
    wszystkie wersje
  • Synology Skynas Firmware

    OS
    Synology
    wszystkie wersje
  • Synology Vs960hd

    HW
    Synology
    wszystkie wersje

CISA KEV — detailsi

Vendori
Sudo
Producti
Sudo
Added to KEVi
April 6, 2022
Remediation deadline (US Federal)i
April 27, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 27 kwietnia 2022
Tags
LPEMemory
CWE
References

Related vulnerabilities

CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt

GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE przez deserializację PHP w Roundcube Webmail (parametr _from)

CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)

CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki