A serious bug in the Linux SUDO utility has been discovered that allows any user to gain root privilege on a Linux system.
The flaw was discovered by security firm Qualys and they describe it in their blog post as a heap overflow vulnerability that means: any unprivileged user can gain root privileges on a vulnerable host using a default sudo configuration
Sudo is a core utility found in Unix and Linux based operating systems that allows a user to run a program with the security privileges of another user. It is often used to allow system administrators to run a utility with root privileges without them needed to know or have access to the root account password for example. Sudo works by using a configuration file (called sudoers) which controls which users are allowed to invoke which specific programs.
The vulnerability discovered by Qualys means that sudo can be tricked into ignoring the restrictions of the sudoers file and allow any user to gain access to the root account and so compromise the entire server and all it contains.
This vulnerability, dubbed Baron Samedit, is tracked as CVE-2021-3156. Given the severity of the flaw, the patch to resolve the problem should be installed as quickly as possible. The vulnerability is believed to exist in all versions of Sudo on all distributions since 2011.
There is no workaround, to resolve the problem Sudo version 1.9.5p2 or a patched vendor-supported version must be installed.
More details are available from the Sudo developers.