Buffer Overflow in Sudo
Root privileges for local user
Recently, there was announcememnt of CVE-2021-3156 - a linux sudo security issue, which allows local user to gain root privileges. https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3156
This is very unpleasant and security fix was published recently.
Checking version of sudo
sudo dpkg -l | grep sudoaccording to debian security tracker: https://security-tracker.debian.org/tracker/CVE-2021-3156 for Debian 10 buster, this was fixed in sudo version 1.8.27-1+deb10u3 so, make sure that the version of sudo you use is higher than that version.
Automatic upgrades
If you're running Debian based system, it's very important for you to keep your systems updated on regular basis. I order to do that and apply this to all your system, you should create a cron auto update job:
sudo cat <<EOF >> /etc/cron.daily/update
#!/bin/bash
apt-get update
apt-get upgrade -y
apt-get autoclean
EOF
sudo chmod 755 /etc/cron.daily/update
sudo service cron restartAuthor bio
Matej Koval is a Full stack senior Java developer, Scrum master of a team.
Experienced in Debian Linux administration and technologies like: Spring Boot, Quarkus, Kafka, Docker, Kubernetes, Angular.
More info about me: LinkedIn