The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Sudo: buffer overflow via Command Unescaping Backslashes

Synthesis of the vulnerability 

An attacker can trigger a buffer overflow in Sudo's unescaping of backslashes in command arguments, in order to cause a denial of service, and possibly to run code.
Impacted software: Mac OS X, Nexus by Cisco, NX-OS, Debian, Fedora, QRadar SIEM, Junos Space, Junos Space Network Management Platform, McAfee Web Gateway, openSUSE Leap, Solaris, RHEL, Slackware, Sudo, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, AdminBastion.
Severity of this computer vulnerability: 2/4.
Creation date: 27/01/2021.
References of this announcement: 6442607, CERTFR-2021-AVI-063, CERTFR-2021-AVI-108, cisco-sa-sudo-privesc-jan2021-qnYQfcM, CVE-2021-3156, DLA-2534-1, DSA-4839-1, FEDORA-2021-2cb63d912a, FEDORA-2021-8840cbdccd, HT212177, JSA11174, JSA11176, openSUSE-SU-2021:0169-1, openSUSE-SU-2021:0170-1, RHSA-2021:0218-01, RHSA-2021:0219-01, RHSA-2021:0220-01, RHSA-2021:0221-01, RHSA-2021:0222-01, RHSA-2021:0223-01, RHSA-2021:0224-01, RHSA-2021:0225-01, RHSA-2021:0226-01, RHSA-2021:0227-01, SB10348, SSA:2021-026-01, SUSE-SU-2021:0225-1, SUSE-SU-2021:0226-1, SUSE-SU-2021:0227-1, SUSE-SU-2021:0232-1, SUSE-SU-2021:0928-1, Synology-SA-21:02, USN-4705-1, USN-4705-2, VIGILANCE-VUL-34414.

Description of the vulnerability 

An attacker can trigger a buffer overflow in Sudo's unescaping of backslashes in command arguments, in order to cause a denial of service, and possibly to run code.

This weakness note impacts software or systems such as Mac OS X, Nexus by Cisco, NX-OS, Debian, Fedora, QRadar SIEM, Junos Space, Junos Space Network Management Platform, McAfee Web Gateway, openSUSE Leap, Solaris, RHEL, Slackware, Sudo, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, AdminBastion.

Our Vigil@nce team determined that the severity of this threat note is medium.

The trust level is "confirmed by the editor", and the attack origin is a user shell.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level skills can exploit this computer weakness.

Solutions for this threat 

Sudo: version 1.9.5p2.
The version 1.9.5p2 is fixed:
  https://www.sudo.ws/

Apple macOS: version 10.14.6 Security Update 2021-002.
The version 10.14.6 Security Update 2021-002 is fixed:
  https://support.apple.com/

Apple macOS: version 10.15.7 Supplemental Update 19H524.
The version 10.15.7 Supplemental Update 19H524 is fixed:
  https://support.apple.com/

Apple macOS: version 11.2.1.
The version 11.2.1 is fixed:
  https://support.apple.com/

Cisco: solution for Sudo.
The solution is indicated in information sources.

Debian 10: new sudo packages.
New packages are available:
  Debian 10: sudo 1.8.27-1+deb10u3

Debian 9: new sudo packages.
New packages are available:
  Debian 9: sudo 1.8.19p1-2.1+deb9u3

Fedora 32-33: new sudo packages.
New packages are available:
  Fedora 33: sudo 1.9.5p2-1.fc33

IBM QRadar SIEM: patch for Sudo.
A patch is indicated in information sources.

Junos Space: version 21.1R1.
The version 21.1R1 is fixed:
  https://support.juniper.net/support/downloads/
This version fixes more than 450 vulnerabilities, but only the 100 most recent vulnerabilities were associated with this bulletin.

McAfee Web Gateway: fixed versions for Sudo.
Fixed versions are indicated in information sources.

openSUSE Leap 15.1-2: new sudo packages.
New packages are available:
  openSUSE Leap 15.1: sudo 1.8.22-lp151.5.12.1
  openSUSE Leap 15.2: sudo 1.8.22-lp152.8.6.1

Oracle Solaris: patch for third party software of January 2021 v2.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

RHEL: new sudo packages.
New packages are available:
  RHEL 6.10: sudo 1.8.6p3-29.el6_10.4
  RHEL 7.2: sudo 1.8.6p7-17.el7_2.3
  RHEL 7.3: sudo 1.8.6p7-23.el7_3.3
  RHEL 7.4: sudo 1.8.19p2-12.el7_4.2
  RHEL 7.7: sudo 1.8.23-4.el7_7.3
  RHEL 7.6: sudo 1.8.23-3.el7_6.2
  RHEL 7.9: sudo 1.8.23-10.el7_9.1
  RHEL 8.1: sudo 1.8.25p1-8.el8_1.2
  RHEL 8.2: sudo 1.8.29-5.el8_2.1
  RHEL 8.3: sudo 1.8.29-6.el8_3.1

Slackware: new sudo packages.
New packages are available:
  Slackware 14.0: sudo 1.9.5p2-*-1_slack14.0
  Slackware 14.1: sudo 1.9.5p2-*-1_slack14.1
  Slackware 14.2: sudo 1.9.5p2-*-1_slack14.2

SUSE LE 12 SP2: new sudo packages (24/03/2021).
New packages are available:
  SUSE LE 12 SP2: sudo 1.8.10p3-10.32.1

SUSE LE 12 SP2: new sudo packages (27/01/2021).
New packages are available:
  SUSE LE 12 SP2: sudo 1.8.10p3-10.29.1

SUSE LE: new sudo packages.
New packages are available:
  SUSE LE 12 SP3: sudo 1.8.20p2-3.20.1
  SUSE LE 12 SP4: sudo 1.8.20p2-3.20.1
  SUSE LE 12 SP5: sudo 1.8.27-4.6.1
  SUSE LE 15 RTM: sudo 1.8.22-4.15.1
  SUSE LE 15 SP1: sudo 1.8.22-4.15.1
  SUSE LE 15 SP2: sudo 1.8.22-4.15.1
  SUSE LE 15 SP3: sudo 1.8.22-4.15.1

Synology DSM: version 6.2.4-25554.
The version 6.2.4-25554 is fixed:
  https://www.synology.com/

Ubuntu: new sudo packages.
New packages are available:
  Ubuntu 20.10: sudo 1.9.1-1ubuntu1.1
  Ubuntu 20.04 LTS: sudo 1.8.31-1ubuntu1.2
  Ubuntu 18.04 LTS: sudo 1.8.21p2-3ubuntu1.4
  Ubuntu 16.04 LTS: sudo 1.8.16-0ubuntu1.10
  Ubuntu 14.04 ESM: sudo 1.8.9p5-1ubuntu1.5+esm6
  Ubuntu 12.04 ESM: sudo 1.8.3p1-1ubuntu3.10

WALLIX Bastion: patch for Sudo.
A patch is indicated in information sources.