In a recent disclosure, Qualys provided technical details about a heap buffer-overflow vulnerability in “sudo”, the utility that Unix and Linux system administrators use to perform administrative actions safely without staying logged in to the “root” account while they do other work. The bug, tracked as CVE-2021-3156, allows low-privilege users who are not supposed to be authorized to use sudo to abuse the utility and gain root privileges. Because of how sudo works, this can be a costly vulnerability: access to sudo usually means access to root privileges and the ability to completely take over the system. The bug stems from an inconsistency in how escaped characters are read in shell mode; further details can be found in Qualys’ technical report and in a summary by the sudo maintainers.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is