[컴][해킹] Sudo 취약점(CVE-2021-3156)

sudo 해킹 / hacking / cracking / overflow /exploit

Sudo 취약점(CVE-2021-3156)

1. CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog
   
• CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) : https://www.youtube.com/watch?v=Cqom0wGyhGg
2. Reddit : Heap-based buffer overflow in Sudo (CVE-2021-3156) - obtained full root privileges on Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2) : netsec

이 취약점을 이용해서 여러 linux distribution 에서 root 권한을 얻을 수 있다. 관련 내용은 아래에서 확인하자.

• CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog >> Qualys Coverage

수정

Sudo 1.8.32 에서 수정이 됐다.

•  https://github.com/sudo-project/sudo/releases/tag/SUDO_1_8_32
• Reset valid_flags to MODE_NONINTERACTIVE for sudoedit. · sudo-project/sudo@4643d6c · GitHub 
• Fix potential buffer overflow when unescaping backslashes in user_args. · sudo-project/sudo@2d30faa · GitHub 
• Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL. · sudo-project/sudo@bf4157c · GitHub 
• Don't assume that argv is allocated as a single flat buffer. · sudo-project/sudo@14ec360 · GitHub