/[advisories]/28230.adv
ViewVC logotype

Contents of /28230.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 11287 - (show annotations) (download)
Wed Jan 27 06:58:22 2021 UTC (4 weeks, 4 days ago) by tmb
File size: 646 byte(s)
fix advisory text
1 type: security
2 subject: Updated sudo packages fix security vulnerability
3 CVE:
4 - CVE-2021-3156
5 src:
6 7:
7 core:
8 - sudo-1.9.5p2-1.mga7
9 description: |
10 A serious heap-based buffer overflow has been discovered in sudo that is
11 exploitable by any local user. It has been given the name Baron Samedit
12 by its discoverer. The bug can be leveraged to elevate privileges to
13 root, even if the user is not listed in the sudoers file. User
14 authentication is not required to exploit the bug (CVE-2021-3156).
15 references:
16 - https://bugs.mageia.org/show_bug.cgi?id=28230
17 - https://www.sudo.ws/alerts/unescape_overflow.html
18 ID: MGASA-2021-0056

  ViewVC Help
Powered by ViewVC 1.1.28