CVE-2021-3156
7.8 HIGHSudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to ro...
Published: 2021-01-26 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 7.8 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-193
Affected products
| Vendor | Product |
|---|---|
| beyondtrust | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| debian | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| fedoraproject | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| mcafee | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| netapp | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| oracle | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| sudo_project | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
| synology | active_iq_unified_manager, cloud_backup, communications_performance_intelligence_center |
Description
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3156
- [Exploit reference]http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
- [Exploit reference]http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
- [Exploit reference]http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
- [Exploit reference]http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
- [Exploit reference]http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
- [Other]http://seclists.org/fulldisclosure/2021/Feb/42
- [Exploit reference]http://seclists.org/fulldisclosure/2021/Jan/79
- [Exploit reference]http://seclists.org/fulldisclosure/2024/Feb/3
- [Exploit reference]http://www.openwall.com/lists/oss-security/2021/01/26/3
- [Other]http://www.openwall.com/lists/oss-security/2021/01/27/1
- [Other]http://www.openwall.com/lists/oss-security/2021/01/27/2
- [Exploit reference]http://www.openwall.com/lists/oss-security/2021/02/15/1
- [Patch]http://www.openwall.com/lists/oss-security/2021/09/14/2
- [Exploit reference]http://www.openwall.com/lists/oss-security/2024/01/30/6
- [Other]http://www.openwall.com/lists/oss-security/2024/01/30/8
- [Other]https://kc.mcafee.com/corporate/index?page=content&id=SB10348
- [Other]https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html
- [Other]https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/
- [Other]https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/
- [Other]https://security.gentoo.org/glsa/202101-33
- [Other]https://security.netapp.com/advisory/ntap-20210128-0001/
- [Other]https://security.netapp.com/advisory/ntap-20210128-0002/
- [Other]https://support.apple.com/kb/HT212177
- [Other]https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM
- [Other]https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
- [Other]https://www.debian.org/security/2021/dsa-4839
- [Other]https://www.kb.cert.org/vuls/id/794544
- [Exploit reference]https://www.openwall.com/lists/oss-security/2021/01/26/3
- [Patch]https://www.oracle.com//security-alerts/cpujul2021.html
- [Patch]https://www.oracle.com/security-alerts/cpuapr2022.html
- [Patch]https://www.oracle.com/security-alerts/cpuoct2021.html
- [Other]https://www.sudo.ws/stable.html#1.9.5p2
- [Other]https://www.synology.com/security/advisory/Synology_SA_21_02
- [Exploit reference]https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156
- [Exploit reference]http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
- [Exploit reference]http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
- [Exploit reference]http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
- [Exploit reference]http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
- [Exploit reference]http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
- [Other]http://seclists.org/fulldisclosure/2021/Feb/42
- [Exploit reference]http://seclists.org/fulldisclosure/2021/Jan/79
- [Exploit reference]http://seclists.org/fulldisclosure/2024/Feb/3
- [Exploit reference]http://www.openwall.com/lists/oss-security/2021/01/26/3
- [Other]http://www.openwall.com/lists/oss-security/2021/01/27/1
- [Other]http://www.openwall.com/lists/oss-security/2021/01/27/2
- [Exploit reference]http://www.openwall.com/lists/oss-security/2021/02/15/1
- [Patch]http://www.openwall.com/lists/oss-security/2021/09/14/2
- [Exploit reference]http://www.openwall.com/lists/oss-security/2024/01/30/6
- [Other]http://www.openwall.com/lists/oss-security/2024/01/30/8
- [Other]https://kc.mcafee.com/corporate/index?page=content&id=SB10348
- [Other]https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html
- [Other]https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/
- [Other]https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/
- [Other]https://security.gentoo.org/glsa/202101-33
- [Other]https://security.netapp.com/advisory/ntap-20210128-0001/
- [Other]https://security.netapp.com/advisory/ntap-20210128-0002/
- [Other]https://support.apple.com/kb/HT212177
- [Other]https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM
- [Other]https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
- [Other]https://www.debian.org/security/2021/dsa-4839
- [Other]https://www.kb.cert.org/vuls/id/794544
- [Exploit reference]https://www.openwall.com/lists/oss-security/2021/01/26/3
- [Patch]https://www.oracle.com//security-alerts/cpujul2021.html
- [Patch]https://www.oracle.com/security-alerts/cpuapr2022.html
- [Patch]https://www.oracle.com/security-alerts/cpuoct2021.html
- [Other]https://www.sudo.ws/stable.html#1.9.5p2
- [Other]https://www.synology.com/security/advisory/Synology_SA_21_02
- [Other]https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3156
Related CVEs
Same vendor
- CVE-2026-35273 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management) (9.8 CRITICAL)
- CVE-2026-49975 — Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP ... (7.5 HIGH)
- CVE-2024-47273 — An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology ... (4.3 MEDIUM)
- CVE-2024-47263 — An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in ... (4.1 MEDIUM)
- CVE-2023-52951 — A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle... (5.9 MEDIUM)
Same CWE
- CVE-2026-8357 — LibreOffice Calc compiles cell formulas when opening a spreadsheet
- CVE-2026-54410 — nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows ... (8.6 HIGH)
- CVE-2026-46559 — ImageMagick is free and open-source software used for editing and manipulating digital images (4.0 MEDIUM)
- CVE-2026-45380 — bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files (3.6 LOW)
- CVE-2026-45358 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.3 MEDIUM)