crp Posted January 28, 2021 Posted January 28, 2021 A real , legit security bug in Linux. (maybe this should be crossposted to Security forum?) a regular user can do a buffer overflow and do superuser stuff. https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit 1 Quote
securitybreach Posted January 28, 2021 Posted January 28, 2021 Yeah it was announced and patched the same day a few days ago. Quote
securitybreach Posted January 28, 2021 Posted January 28, 2021 We talked about it in Bookmem's post yesterday but your link does have a lot more detail: Most distros have offered the sudo patch for a day or two now. Quote
abarbarian Posted January 29, 2021 Posted January 29, 2021 I use sudoedit all the time as it allows me to alter files that are root protected. Quote
securitybreach Posted January 29, 2021 Posted January 29, 2021 32 minutes ago, abarbarian said: I use sudoedit all the time as it allows me to alter files that are root protected. I've do not recall using sudoedit as I always either sudo or su to root for things, depending on the file or what needs to be escalated. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.