USN-4705-1: Sudo vulnerabilities
26 January 2021
Several security issues were fixed in Sudo.
- sudo - Provide limited super user privileges to specific users
It was discovered that Sudo incorrectly handled memory when parsing command
lines. A local attacker could possibly use this issue to obtain unintended
access to the administrator account. (CVE-2021-3156)
It was discovered that the Sudo sudoedit utility incorrectly handled
checking directory permissions. A local attacker could possibly use this
issue to bypass file permissions and determine if a directory exists or
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.
- USN-4705-2: sudo, sudo-ldap