[afnog] major sudo vulnerability
Patrick Okui
pokui at psg.com
Thu Jan 28 18:08:35 UTC 2021
Hi all,
You may have seen the news about a couple of bugs in sudo.
https://www.theregister.com/2021/01/26/qualys_sudo_bug/ is a good
summary.
Long story short any user on your system (not necessarily an admin) can
become root without a password (amongst other issues).
Updates have made it out for most systems; you should update any
multiuser systems as soon as possible.
--
patrick
ps: if you’re looking for the full details you can read
https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
More information about the afnog
mailing list