AL2021_01 Heap Buffer Overflow Vulnerability in Sudo (27th January, 2021)

A heap buffer overflow vulnerability in sudo that can be used to elevate privileges to root on the host system has been discovered by researchers.

Sudo is a command-line utility widely used on Linux and Unix Operating Systems designed to give trusted users administrative privileges when needed. This vulnerability has been given the name Baron Samedit and affects sudo versions 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1.

How it Works