Vulnerability CVE-2021-3156

Vulnerability CVE-2021-3156

Published: 2021-01-26

Description:

	Topic	Author	Date
High	Sudo Heap-Based Buffer Overflow	Qualys Security ...	29.01.2021
High	glibc syslog() Heap-Based Buffer Overflow	Qualys Security ...	01.02.2024

Type:

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.2/10	10/10	3.9/10

Affected software
Sudo project -> SUDO
Netapp -> Oncommand unified manager core package
Netapp -> Solidfire
Netapp -> Hci storage node
Fedoraproject -> Fedora
Debian -> Debian linux

http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html

http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html

http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html

http://www.openwall.com/lists/oss-security/2021/01/26/3

http://www.openwall.com/lists/oss-security/2021/01/27/1

http://www.openwall.com/lists/oss-security/2021/01/27/2

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/

https://security.gentoo.org/glsa/202101-33

https://security.netapp.com/advisory/ntap-20210128-0001/

https://security.netapp.com/advisory/ntap-20210128-0002/

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM

https://www.debian.org/security/2021/dsa-4839

https://www.openwall.com/lists/oss-security/2021/01/26/3

https://www.sudo.ws/stable.html#1.9.5p2