CVE-2021-3156 Sudo Privilege Escalation

Summary

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.


Is LoadMaster vulnerable?

LoadMaster is not impacted.


Is Kemp 360 Central vulnerable?

Kemp 360 Central is vulnerable, because the version of sudo it ships (1.8.9p5) is affected. However, it is not exploitable without successfully authenticated access, and diagnostic access must also be enabled before SSH access is possible.


Is Kemp 360 Vision vulnerable?

Kemp 360 Vision is not impacted.


Recommended Actions

To mitigate this vulnerability, restrict access to the management interface with appropriate network controls, and restrict access to affected systems to trusted users only.
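A quick inventory check that classifies a host's sudo against the upstream fix threshold (1.9.5p2) named in the summary. This is an added example, not Kemp's code; it assumes the version string comes from the first line of `sudo --version` (for example "Sudo version 1.8.9p5"), and it deliberately treats a version without a pN suffix as p-level 0.

```shell
#!/bin/sh
# Added example (not part of the Kemp advisory): classify a sudo version
# string against the upstream fix 1.9.5p2 for CVE-2021-3156.
# Caveat: distribution packages often backport the fix without changing
# the upstream version number, so "affected" means "verify against the
# distro advisory", not proof of a vulnerable binary.

FIX_MAJOR=1; FIX_MINOR=9; FIX_PATCH=5; FIX_P=2

# Turn "1.8.9p5" into four space-separated integers: "1 8 9 5".
# A version with no pN suffix gets p-level 0, so 1.9.5 sorts before 1.9.5p2.
split_version() {
    base=${1%%p*}
    plevel=0
    case $1 in *p*) plevel=${1##*p} ;; esac
    set -- $(printf '%s\n' "$base" | tr '.' ' ')
    echo "$1 ${2:-0} ${3:-0} $plevel"
}

# Print "affected" when the version sorts before 1.9.5p2, "fixed" otherwise,
# or "unknown" when no version number can be parsed from the input.
sudo_status() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^\(Sudo version \)\{0,1\}\([0-9][0-9.p]*\).*/\2/p')
    [ -n "$ver" ] || { echo unknown; return 0; }
    set -- $(split_version "$ver")
    # Compare component by component; the first difference decides.
    for pair in "$1 $FIX_MAJOR" "$2 $FIX_MINOR" "$3 $FIX_PATCH" "$4 $FIX_P"; do
        have=${pair%% *}; want=${pair##* }
        if [ "$have" -lt "$want" ]; then echo affected; return 0; fi
        if [ "$have" -gt "$want" ]; then echo fixed; return 0; fi
    done
    echo fixed
}

# Stand-alone use: classify the sudo binary on this host, if one is present.
if command -v sudo >/dev/null 2>&1; then
    sudo_status "$(sudo --version 2>/dev/null | head -n 1)"
fi
```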


Additional Information

For additional information about the discovered vulnerability:

CVE-2021-3156 (cve.mitre.org and NIST)


These pages also include the latest links to the security pages for the platform providers.


Kemp is committed to resolving security vulnerabilities carefully and quickly. If you think you have found a security flaw in a Kemp product, please send all supporting information to securityalert@kemp.ax.
