Heap-based buffer overflow in Sudo vulnerability - sudo version impacted?
The list of versions you’re looking at only documents versions of sudo
released by the sudo
project itself. Distributions such as Ubuntu typically add patches to address such security vulnerabilities, instead of upgrading to the latest version of sudo
.
To determine whether your version is affected, you need to look at the security information provided by your distribution; in this instance, the relevant notice is USN-4705-1, which indicates that your version is fixed.
You can also look at the package changelog, in /usr/share/doc/sudo/changelog.Debian.gz
; this should list the CVEs addressed by the version currently installed on your system (if any):
* SECURITY UPDATE: dir existence issue via sudoedit race
- debian/patches/CVE-2021-23239.patch: fix potential directory existing
info leak in sudoedit in src/sudo_edit.c.
- CVE-2021-23239
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2021-3156-pre1.patch: check lock record size in
plugins/sudoers/timestamp.c.
- debian/patches/CVE-2021-3156-pre2.patch: sanity check size when
converting the first record to TS_LOCKEXCL in
plugins/sudoers/timestamp.c.
- debian/patches/CVE-2021-3156-1.patch: reset valid_flags to
MODE_NONINTERACTIVE for sudoedit in src/parse_args.c.
- debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in
plugin in plugins/sudoers/policy.c.
- debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow
when unescaping backslashes in plugins/sudoers/sudoers.c.
- debian/patches/CVE-2021-3156-4.patch: fix the memset offset when
converting a v1 timestamp to TS_LOCKEXCL in
plugins/sudoers/timestamp.c.
- debian/patches/CVE-2021-3156-5.patch: don't assume that argv is
allocated as a single flat buffer in src/parse_args.c.
- CVE-2021-3156