A Sudo Vulnerability


CVE-2021-3156

On 1/26/21, a heap-based buffer overflow vulnerability was discovered in ‘sudo’ that can be exploited by a local user. Normally, sudo is supposed to escape special characters with a backslash ‘\’. However, a bug made it possible to run ‘sudoedit’ with the -s or -i options without that escaping having been done, which makes a buffer overflow possible.

By exploiting this bug, researchers were able to obtain full root privileges without being listed in the sudoers file.

To check if your version of sudo is affected, try running: sudoedit -s /

A vulnerable version will either prompt for a password or display an error similar to: sudoedit: /: not a regular file

According to MITRE's entry for CVE-2021-3156, sudo versions before 1.9.5p2 are vulnerable.
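The two checks above (the `sudoedit -s /` response and the 1.9.5p2 version cutoff) can be scripted for use across many hosts. The following is an added example, not code from the sudo project or the original post. The function names, the password-prompt pattern and the sample inputs are assumptions made for illustration, and the `usage:` case comes from the Qualys advisory rather than from this page.

```shell
#!/bin/sh
# Added example: triage helpers for CVE-2021-3156 using the criteria above.
# All sample inputs are constructed, not captured from a real host.

FIXED_VERSION="1.9.5p2"   # first fixed release named in the article

# Convert "1.9.5p2" or "1.8.31" into one integer so versions compare numerically.
version_key() {
    ver=$1
    case $ver in
        *p*) plevel=${ver##*p}; base=${ver%p*} ;;
        *)   plevel=0; base=$ver ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $base              # split "1.9.5" into $1 $2 $3
    IFS=$old_ifs
    echo $(( ${1:-0} * 1000000000 + ${2:-0} * 1000000 + ${3:-0} * 1000 + ${plevel:-0} ))
}

# Pull the version out of `sudo -V` output ("Sudo version 1.9.5p1" on line 1).
parse_sudo_version() {
    printf '%s\n' "$1" | awk 'NR == 1 && $1 == "Sudo" && $2 == "version" { print $3 }'
}

# Print "affected" when the version is older than the fixed release.
check_version() {
    if [ "$(version_key "$1")" -lt "$(version_key "$FIXED_VERSION")" ]; then
        echo affected
    else
        echo fixed
    fi
}

# Classify the text printed by `sudoedit -s /`.
classify_sudoedit_output() {
    case $1 in
        usage:*)       echo patched ;;        # per the Qualys advisory, not this page
        sudoedit:*)    echo vulnerable ;;     # e.g. "sudoedit: /: not a regular file"
        *[Pp]assword*) echo vulnerable ;;     # assumed wording of the password prompt
        *)             echo not-indicated ;;
    esac
}

# Demo on constructed inputs; on a real host use: parse_sudo_version "$(sudo -V)"
for v in 1.8.31 1.9.5p1 1.9.5p2 1.9.6; do
    printf '%-8s %s\n' "$v" "$(check_version "$v")"
done
classify_sudoedit_output "sudoedit: /: not a regular file"
```

Distributions often backport the fix without changing the upstream version string, so an "affected" result from the version check should be confirmed with the `sudoedit -s /` test or the package changelog.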

Apple has released an update today for Big Sur, Catalina, and Mojave.

This particular vulnerability, while dangerous, still requires an attacker to already have access to the machine in order to trigger it.