CVE-2021-3156 (GCVE-0-2021-3156)
Vulnerability from cvelistv5 – Published: 2021-01-26 00:00 – Updated: 2025-10-21 23:35
- n/a
- CWE-193 - Off-by-one Error
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Field | Value |
|---|---|
| CWEs | CWE-122, CWE-193 |
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Sudo |
| Due Date | 2022-04-27 |
| Date Added | 2022-04-06 |
| Vendor/Project | Sudo |
| Vulnerability Name | Sudo Heap-Based Buffer Overflow Vulnerability |
| Known Ransomware Campaign Use | Unknown |
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html"
},
{
"name": "20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/79"
},
{
"name": "[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/3"
},
{
"name": "GLSA-202101-33",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-33"
},
{
"name": "DSA-4839",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4839"
},
{
"name": "FEDORA-2021-2cb63d912a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/"
},
{
"name": "FEDORA-2021-8840cbdccd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/"
},
{
"name": "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/1"
},
{
"name": "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/2"
},
{
"name": "20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM"
},
{
"name": "VU#794544",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/794544"
},
{
"name": "20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Feb/42"
},
{
"name": "[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/02/15/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sudo.ws/stable.html#1.9.5p2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/01/26/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210128-0002/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210128-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212177"
},
{
"tags": [
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10348"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_21_02"
},
{
"name": "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"name": "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"name": "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-3156",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T15:43:52.658146Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-04-06",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3156"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193 Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:29.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3156"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-04-06T00:00:00.000Z",
"value": "CVE-2021-3156 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T16:41:27.031Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html"
},
{
"name": "20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/79"
},
{
"name": "[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/3"
},
{
"name": "GLSA-202101-33",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202101-33"
},
{
"name": "DSA-4839",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4839"
},
{
"name": "FEDORA-2021-2cb63d912a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/"
},
{
"name": "FEDORA-2021-8840cbdccd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/"
},
{
"name": "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/1"
},
{
"name": "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/2"
},
{
"name": "20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM"
},
{
"name": "VU#794544",
"tags": [
"third-party-advisory"
],
"url": "https://www.kb.cert.org/vuls/id/794544"
},
{
"name": "20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2021/Feb/42"
},
{
"name": "[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/02/15/1"
},
{
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.sudo.ws/stable.html#1.9.5p2"
},
{
"url": "https://www.openwall.com/lists/oss-security/2021/01/26/3"
},
{
"url": "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210128-0002/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210128-0001/"
},
{
"url": "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html"
},
{
"url": "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html"
},
{
"url": "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html"
},
{
"url": "https://support.apple.com/kb/HT212177"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10348"
},
{
"url": "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability"
},
{
"url": "https://www.synology.com/security/advisory/Synology_SA_21_02"
},
{
"name": "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"name": "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"name": "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"url": "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3156",
"datePublished": "2021-01-26T00:00:00.000Z",
"dateReserved": "2021-01-15T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:29.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2021-3156",
"cwes": "[\"CWE-122\", \"CWE-193\"]",
"dateAdded": "2022-04-06",
"dueDate": "2022-04-27",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-3156",
"product": "Sudo",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.",
"vendorProject": "Sudo",
"vulnerabilityName": "Sudo Heap-Based Buffer Overflow Vulnerability"
},
"epss": {
"cve": "CVE-2021-3156",
"date": "2026-06-05",
"epss": "0.92579",
"percentile": "0.99755"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html\", \"name\": \"[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Jan/79\", \"name\": \"20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/01/26/3\", \"name\": \"[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202101-33\", \"name\": \"GLSA-202101-33\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4839\", \"name\": \"DSA-4839\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/\", \"name\": \"FEDORA-2021-2cb63d912a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/\", \"name\": \"FEDORA-2021-8840cbdccd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/01/27/1\", \"name\": \"[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/01/27/2\", \"name\": \"[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": 
\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM\", \"name\": \"20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/794544\", \"name\": \"VU#794544\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Feb/42\", \"name\": \"20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/02/15/1\", \"name\": \"[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.sudo.ws/stable.html#1.9.5p2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2021/01/26/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210128-0002/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210128-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT212177\", 
\"tags\": [\"x_transferred\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10348\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_21_02\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/09/14/2\", \"name\": \"[oss-security] 20210914 Re: Oracle Solaris membership in the distros list\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/30/8\", \"name\": \"[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/30/6\", \"name\": \"[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Feb/3\", \"name\": \"20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T16:45:51.408Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": 
\"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-3156\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-03T15:43:52.658146Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-04-06\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3156\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-04-06T00:00:00.000Z\", \"value\": \"CVE-2021-3156 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3156\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-193\", \"description\": \"CWE-193 Off-by-one Error\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-03T16:16:14.448Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html\", \"name\": \"[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Jan/79\", \"name\": \"20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/01/26/3\", \"name\": 
\"[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202101-33\", \"name\": \"GLSA-202101-33\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4839\", \"name\": \"DSA-4839\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/\", \"name\": \"FEDORA-2021-2cb63d912a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/\", \"name\": \"FEDORA-2021-8840cbdccd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/01/27/1\", \"name\": \"[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/01/27/2\", \"name\": \"[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM\", \"name\": \"20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/794544\", \"name\": \"VU#794544\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Feb/42\", \"name\": \"20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/02/15/1\", \"name\": \"[oss-security] 20210215 Re: sudo: Ineffective 
NO_ROOT_MAILER and Baron Samedit\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\"}, {\"url\": \"https://www.sudo.ws/stable.html#1.9.5p2\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2021/01/26/3\"}, {\"url\": \"http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210128-0002/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210128-0001/\"}, {\"url\": \"http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html\"}, {\"url\": \"http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html\"}, {\"url\": \"http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html\"}, {\"url\": \"https://support.apple.com/kb/HT212177\"}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10348\"}, {\"url\": \"https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability\"}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_21_02\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/09/14/2\", \"name\": \"[oss-security] 20210914 Re: Oracle Solaris membership in the distros list\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/30/8\", \"name\": \"[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/30/6\", \"name\": \"[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()\", \"tags\": [\"mailing-list\"]}, 
{\"url\": \"http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Feb/3\", \"name\": \"20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \\\"sudoedit -s\\\" and a command-line argument that ends with a single backslash character.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-09-18T16:41:27.031Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-3156\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:35:29.600Z\", \"dateReserved\": \"2021-01-15T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2021-01-26T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2021:1267-1
Vulnerability from csaf_suse - Published: 2021-04-20 08:54 - Updated: 2021-04-20 08:54

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:sudo-1.8.10p3-10.35.1.x86_64 | — | | Vendor Fix |

{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sudo",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sudo fixes the following issues:\n\n- L3: Tenable Scan reports sudo is vulnerable to CVE-2021-3156 (bsc#1183936)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1267,SUSE-SLE-SERVER-12-SP2-BCL-2021-1267,SUSE-SLE-SERVER-12-SP2-LTSS-ERICSSON-2021-1267,SUSE-SLE-SERVER-12-SP2-LTSS-SAP-2021-1267",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1267-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1267-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211267-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1267-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008659.html"
},
{
"category": "self",
"summary": "SUSE Bug 1183936",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3156/"
}
],
"title": "Security update for sudo",
"tracking": {
"current_release_date": "2021-04-20T08:54:52Z",
"generator": {
"date": "2021-04-20T08:54:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1267-1",
"initial_release_date": "2021-04-20T08:54:52Z",
"revision_history": [
{
"date": "2021-04-20T08:54:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.10p3-10.35.1.aarch64",
"product": {
"name": "sudo-1.8.10p3-10.35.1.aarch64",
"product_id": "sudo-1.8.10p3-10.35.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.10p3-10.35.1.aarch64",
"product": {
"name": "sudo-devel-1.8.10p3-10.35.1.aarch64",
"product_id": "sudo-devel-1.8.10p3-10.35.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.10p3-10.35.1.aarch64",
"product": {
"name": "sudo-test-1.8.10p3-10.35.1.aarch64",
"product_id": "sudo-test-1.8.10p3-10.35.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.10p3-10.35.1.i586",
"product": {
"name": "sudo-1.8.10p3-10.35.1.i586",
"product_id": "sudo-1.8.10p3-10.35.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.10p3-10.35.1.i586",
"product": {
"name": "sudo-devel-1.8.10p3-10.35.1.i586",
"product_id": "sudo-devel-1.8.10p3-10.35.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.10p3-10.35.1.i586",
"product": {
"name": "sudo-test-1.8.10p3-10.35.1.i586",
"product_id": "sudo-test-1.8.10p3-10.35.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.10p3-10.35.1.ppc64le",
"product": {
"name": "sudo-1.8.10p3-10.35.1.ppc64le",
"product_id": "sudo-1.8.10p3-10.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.10p3-10.35.1.ppc64le",
"product": {
"name": "sudo-devel-1.8.10p3-10.35.1.ppc64le",
"product_id": "sudo-devel-1.8.10p3-10.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.10p3-10.35.1.ppc64le",
"product": {
"name": "sudo-test-1.8.10p3-10.35.1.ppc64le",
"product_id": "sudo-test-1.8.10p3-10.35.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.10p3-10.35.1.s390",
"product": {
"name": "sudo-1.8.10p3-10.35.1.s390",
"product_id": "sudo-1.8.10p3-10.35.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.10p3-10.35.1.s390",
"product": {
"name": "sudo-devel-1.8.10p3-10.35.1.s390",
"product_id": "sudo-devel-1.8.10p3-10.35.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.10p3-10.35.1.s390",
"product": {
"name": "sudo-test-1.8.10p3-10.35.1.s390",
"product_id": "sudo-test-1.8.10p3-10.35.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.10p3-10.35.1.s390x",
"product": {
"name": "sudo-1.8.10p3-10.35.1.s390x",
"product_id": "sudo-1.8.10p3-10.35.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.10p3-10.35.1.s390x",
"product": {
"name": "sudo-devel-1.8.10p3-10.35.1.s390x",
"product_id": "sudo-devel-1.8.10p3-10.35.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.10p3-10.35.1.s390x",
"product": {
"name": "sudo-test-1.8.10p3-10.35.1.s390x",
"product_id": "sudo-test-1.8.10p3-10.35.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.10p3-10.35.1.x86_64",
"product": {
"name": "sudo-1.8.10p3-10.35.1.x86_64",
"product_id": "sudo-1.8.10p3-10.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.10p3-10.35.1.x86_64",
"product": {
"name": "sudo-devel-1.8.10p3-10.35.1.x86_64",
"product_id": "sudo-devel-1.8.10p3-10.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.10p3-10.35.1.x86_64",
"product": {
"name": "sudo-test-1.8.10p3-10.35.1.x86_64",
"product_id": "sudo-test-1.8.10p3-10.35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.10p3-10.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:sudo-1.8.10p3-10.35.1.x86_64"
},
"product_reference": "sudo-1.8.10p3-10.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3156"
}
],
"notes": [
{
"category": "general",
"text": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:sudo-1.8.10p3-10.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3156",
"url": "https://www.suse.com/security/cve/CVE-2021-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1180684 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1180684"
},
{
"category": "external",
"summary": "SUSE Bug 1181090 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181090"
},
{
"category": "external",
"summary": "SUSE Bug 1181506 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181506"
},
{
"category": "external",
"summary": "SUSE Bug 1181657 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181657"
},
{
"category": "external",
"summary": "SUSE Bug 1183936 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "external",
"summary": "SUSE Bug 1218863 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1218863"
},
{
"category": "external",
"summary": "SUSE Bug 1225623 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1225623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:sudo-1.8.10p3-10.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:sudo-1.8.10p3-10.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-20T08:54:52Z",
"details": "important"
}
],
"title": "CVE-2021-3156"
}
]
}
SUSE-SU-2021:1273-1
Vulnerability from csaf_suse - Published: 2021-04-20 12:29 - Updated: 2021-04-20 12:29

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE OpenStack Cloud 8:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE OpenStack Cloud 9:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:sudo-1.8.20p2-3.23.1.x86_64 | — | | Vendor Fix |

{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sudo",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sudo fixes the following issues:\n\n- L3: Tenable Scan reports sudo is vulnerable to CVE-2021-3156 (bsc#1183936)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2021-1273,SUSE-2021-1273,SUSE-OpenStack-Cloud-8-2021-1273,SUSE-OpenStack-Cloud-9-2021-1273,SUSE-OpenStack-Cloud-Crowbar-8-2021-1273,SUSE-OpenStack-Cloud-Crowbar-9-2021-1273,SUSE-SLE-SAP-12-SP3-2021-1273,SUSE-SLE-SAP-12-SP4-2021-1273,SUSE-SLE-SERVER-12-SP3-2021-1273,SUSE-SLE-SERVER-12-SP3-BCL-2021-1273,SUSE-SLE-SERVER-12-SP4-LTSS-2021-1273",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1273-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1273-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211273-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1273-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008663.html"
},
{
"category": "self",
"summary": "SUSE Bug 1183936",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3156/"
}
],
"title": "Security update for sudo",
"tracking": {
"current_release_date": "2021-04-20T12:29:42Z",
"generator": {
"date": "2021-04-20T12:29:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1273-1",
"initial_release_date": "2021-04-20T12:29:42Z",
"revision_history": [
{
"date": "2021-04-20T12:29:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.20p2-3.23.1.aarch64",
"product": {
"name": "sudo-1.8.20p2-3.23.1.aarch64",
"product_id": "sudo-1.8.20p2-3.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.20p2-3.23.1.aarch64",
"product": {
"name": "sudo-devel-1.8.20p2-3.23.1.aarch64",
"product_id": "sudo-devel-1.8.20p2-3.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.20p2-3.23.1.aarch64",
"product": {
"name": "sudo-test-1.8.20p2-3.23.1.aarch64",
"product_id": "sudo-test-1.8.20p2-3.23.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.20p2-3.23.1.i586",
"product": {
"name": "sudo-1.8.20p2-3.23.1.i586",
"product_id": "sudo-1.8.20p2-3.23.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.20p2-3.23.1.i586",
"product": {
"name": "sudo-devel-1.8.20p2-3.23.1.i586",
"product_id": "sudo-devel-1.8.20p2-3.23.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.20p2-3.23.1.i586",
"product": {
"name": "sudo-test-1.8.20p2-3.23.1.i586",
"product_id": "sudo-test-1.8.20p2-3.23.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.20p2-3.23.1.ppc64le",
"product": {
"name": "sudo-1.8.20p2-3.23.1.ppc64le",
"product_id": "sudo-1.8.20p2-3.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.20p2-3.23.1.ppc64le",
"product": {
"name": "sudo-devel-1.8.20p2-3.23.1.ppc64le",
"product_id": "sudo-devel-1.8.20p2-3.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.20p2-3.23.1.ppc64le",
"product": {
"name": "sudo-test-1.8.20p2-3.23.1.ppc64le",
"product_id": "sudo-test-1.8.20p2-3.23.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.20p2-3.23.1.s390",
"product": {
"name": "sudo-1.8.20p2-3.23.1.s390",
"product_id": "sudo-1.8.20p2-3.23.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.20p2-3.23.1.s390",
"product": {
"name": "sudo-devel-1.8.20p2-3.23.1.s390",
"product_id": "sudo-devel-1.8.20p2-3.23.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.20p2-3.23.1.s390",
"product": {
"name": "sudo-test-1.8.20p2-3.23.1.s390",
"product_id": "sudo-test-1.8.20p2-3.23.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.20p2-3.23.1.s390x",
"product": {
"name": "sudo-1.8.20p2-3.23.1.s390x",
"product_id": "sudo-1.8.20p2-3.23.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.20p2-3.23.1.s390x",
"product": {
"name": "sudo-devel-1.8.20p2-3.23.1.s390x",
"product_id": "sudo-devel-1.8.20p2-3.23.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.20p2-3.23.1.s390x",
"product": {
"name": "sudo-test-1.8.20p2-3.23.1.s390x",
"product_id": "sudo-test-1.8.20p2-3.23.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.20p2-3.23.1.x86_64",
"product": {
"name": "sudo-1.8.20p2-3.23.1.x86_64",
"product_id": "sudo-1.8.20p2-3.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.20p2-3.23.1.x86_64",
"product": {
"name": "sudo-devel-1.8.20p2-3.23.1.x86_64",
"product_id": "sudo-devel-1.8.20p2-3.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.20p2-3.23.1.x86_64",
"product": {
"name": "sudo-test-1.8.20p2-3.23.1.x86_64",
"product_id": "sudo-test-1.8.20p2-3.23.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.ppc64le"
},
"product_reference": "sudo-1.8.20p2-3.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.ppc64le"
},
"product_reference": "sudo-1.8.20p2-3.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.aarch64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.ppc64le"
},
"product_reference": "sudo-1.8.20p2-3.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.s390x"
},
"product_reference": "sudo-1.8.20p2-3.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.aarch64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.ppc64le"
},
"product_reference": "sudo-1.8.20p2-3.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.s390x"
},
"product_reference": "sudo-1.8.20p2-3.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.20p2-3.23.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.x86_64"
},
"product_reference": "sudo-1.8.20p2-3.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3156"
}
],
"notes": [
{
"category": "general",
"text": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud 9:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:sudo-1.8.20p2-3.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3156",
"url": "https://www.suse.com/security/cve/CVE-2021-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1180684 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1180684"
},
{
"category": "external",
"summary": "SUSE Bug 1181090 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181090"
},
{
"category": "external",
"summary": "SUSE Bug 1181506 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181506"
},
{
"category": "external",
"summary": "SUSE Bug 1181657 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181657"
},
{
"category": "external",
"summary": "SUSE Bug 1183936 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "external",
"summary": "SUSE Bug 1218863 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1218863"
},
{
"category": "external",
"summary": "SUSE Bug 1225623 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1225623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud 9:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:sudo-1.8.20p2-3.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud 9:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:sudo-1.8.20p2-3.23.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:sudo-1.8.20p2-3.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-20T12:29:42Z",
"details": "important"
}
],
"title": "CVE-2021-3156"
}
]
}
SUSE-SU-2021:1274-1
Vulnerability from csaf_suse - Published: 2021-04-20 12:29 - Updated: 2021-04-20 12:29

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.x86_64 | — | | Vendor Fix |

{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sudo",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sudo fixes the following issues:\n\n- L3: Tenable Scan reports sudo is vulnerable to CVE-2021-3156 (bsc#1183936)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1274,SUSE-SLE-SDK-12-SP5-2021-1274,SUSE-SLE-SERVER-12-SP5-2021-1274",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1274-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1274-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211274-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1274-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008662.html"
},
{
"category": "self",
"summary": "SUSE Bug 1183936",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3156/"
}
],
"title": "Security update for sudo",
"tracking": {
"current_release_date": "2021-04-20T12:29:59Z",
"generator": {
"date": "2021-04-20T12:29:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1274-1",
"initial_release_date": "2021-04-20T12:29:59Z",
"revision_history": [
{
"date": "2021-04-20T12:29:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.15.1.aarch64",
"product": {
"name": "sudo-1.8.27-4.15.1.aarch64",
"product_id": "sudo-1.8.27-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.15.1.aarch64",
"product": {
"name": "sudo-devel-1.8.27-4.15.1.aarch64",
"product_id": "sudo-devel-1.8.27-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.15.1.aarch64",
"product": {
"name": "sudo-test-1.8.27-4.15.1.aarch64",
"product_id": "sudo-test-1.8.27-4.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.15.1.i586",
"product": {
"name": "sudo-1.8.27-4.15.1.i586",
"product_id": "sudo-1.8.27-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.15.1.i586",
"product": {
"name": "sudo-devel-1.8.27-4.15.1.i586",
"product_id": "sudo-devel-1.8.27-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.15.1.i586",
"product": {
"name": "sudo-test-1.8.27-4.15.1.i586",
"product_id": "sudo-test-1.8.27-4.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.15.1.ppc64le",
"product": {
"name": "sudo-1.8.27-4.15.1.ppc64le",
"product_id": "sudo-1.8.27-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.15.1.ppc64le",
"product": {
"name": "sudo-devel-1.8.27-4.15.1.ppc64le",
"product_id": "sudo-devel-1.8.27-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.15.1.ppc64le",
"product": {
"name": "sudo-test-1.8.27-4.15.1.ppc64le",
"product_id": "sudo-test-1.8.27-4.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.15.1.s390",
"product": {
"name": "sudo-1.8.27-4.15.1.s390",
"product_id": "sudo-1.8.27-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.15.1.s390",
"product": {
"name": "sudo-devel-1.8.27-4.15.1.s390",
"product_id": "sudo-devel-1.8.27-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.15.1.s390",
"product": {
"name": "sudo-test-1.8.27-4.15.1.s390",
"product_id": "sudo-test-1.8.27-4.15.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.15.1.s390x",
"product": {
"name": "sudo-1.8.27-4.15.1.s390x",
"product_id": "sudo-1.8.27-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.15.1.s390x",
"product": {
"name": "sudo-devel-1.8.27-4.15.1.s390x",
"product_id": "sudo-devel-1.8.27-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.15.1.s390x",
"product": {
"name": "sudo-test-1.8.27-4.15.1.s390x",
"product_id": "sudo-test-1.8.27-4.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.15.1.x86_64",
"product": {
"name": "sudo-1.8.27-4.15.1.x86_64",
"product_id": "sudo-1.8.27-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.15.1.x86_64",
"product": {
"name": "sudo-devel-1.8.27-4.15.1.x86_64",
"product_id": "sudo-devel-1.8.27-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.15.1.x86_64",
"product": {
"name": "sudo-test-1.8.27-4.15.1.x86_64",
"product_id": "sudo-test-1.8.27-4.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.15.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.aarch64"
},
"product_reference": "sudo-devel-1.8.27-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.15.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.27-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.15.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.s390x"
},
"product_reference": "sudo-devel-1.8.27-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.15.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.x86_64"
},
"product_reference": "sudo-devel-1.8.27-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.aarch64"
},
"product_reference": "sudo-1.8.27-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.ppc64le"
},
"product_reference": "sudo-1.8.27-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.s390x"
},
"product_reference": "sudo-1.8.27-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.x86_64"
},
"product_reference": "sudo-1.8.27-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.aarch64"
},
"product_reference": "sudo-1.8.27-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.ppc64le"
},
"product_reference": "sudo-1.8.27-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.s390x"
},
"product_reference": "sudo-1.8.27-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.x86_64"
},
"product_reference": "sudo-1.8.27-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3156"
}
],
"notes": [
{
"category": "general",
"text": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3156",
"url": "https://www.suse.com/security/cve/CVE-2021-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1180684 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1180684"
},
{
"category": "external",
"summary": "SUSE Bug 1181090 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181090"
},
{
"category": "external",
"summary": "SUSE Bug 1181506 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181506"
},
{
"category": "external",
"summary": "SUSE Bug 1181657 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181657"
},
{
"category": "external",
"summary": "SUSE Bug 1183936 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "external",
"summary": "SUSE Bug 1218863 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1218863"
},
{
"category": "external",
"summary": "SUSE Bug 1225623 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1225623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:sudo-1.8.27-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-1.8.27-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel-1.8.27-4.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-20T12:29:59Z",
"details": "important"
}
],
"title": "CVE-2021-3156"
}
]
}
SUSE-SU-2021:1275-1
Vulnerability from csaf_suse - Published: 2021-04-20 12:32 - Updated: 2021-04-20 12:32

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Proxy 4.0:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Proxy 4.0:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64 | — | Vendor Fix | |

{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sudo",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sudo fixes the following issues:\n\n- L3: Tenable Scan reports sudo is vulnerable to CVE-2021-3156 (bsc#1183936)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1275,SUSE-SLE-Module-Basesystem-15-SP2-2021-1275,SUSE-SLE-Product-HPC-15-2021-1275,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-1275,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-1275,SUSE-SLE-Product-SLES-15-2021-1275,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-1275,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-1275,SUSE-SLE-Product-SLES_SAP-15-2021-1275,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-1275,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1275,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1275,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1275,SUSE-SUSE-MicroOS-5.0-2021-1275,SUSE-Storage-6-2021-1275",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1275-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1275-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211275-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1275-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008661.html"
},
{
"category": "self",
"summary": "SUSE Bug 1183936",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3156/"
}
],
"title": "Security update for sudo",
"tracking": {
"current_release_date": "2021-04-20T12:32:02Z",
"generator": {
"date": "2021-04-20T12:32:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1275-1",
"initial_release_date": "2021-04-20T12:32:02Z",
"revision_history": [
{
"date": "2021-04-20T12:32:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.22-4.18.1.aarch64",
"product": {
"name": "sudo-1.8.22-4.18.1.aarch64",
"product_id": "sudo-1.8.22-4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.22-4.18.1.aarch64",
"product": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64",
"product_id": "sudo-devel-1.8.22-4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.22-4.18.1.aarch64",
"product": {
"name": "sudo-test-1.8.22-4.18.1.aarch64",
"product_id": "sudo-test-1.8.22-4.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.22-4.18.1.i586",
"product": {
"name": "sudo-1.8.22-4.18.1.i586",
"product_id": "sudo-1.8.22-4.18.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.22-4.18.1.i586",
"product": {
"name": "sudo-devel-1.8.22-4.18.1.i586",
"product_id": "sudo-devel-1.8.22-4.18.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.22-4.18.1.i586",
"product": {
"name": "sudo-test-1.8.22-4.18.1.i586",
"product_id": "sudo-test-1.8.22-4.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.22-4.18.1.ppc64le",
"product": {
"name": "sudo-1.8.22-4.18.1.ppc64le",
"product_id": "sudo-1.8.22-4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.22-4.18.1.ppc64le",
"product": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le",
"product_id": "sudo-devel-1.8.22-4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.22-4.18.1.ppc64le",
"product": {
"name": "sudo-test-1.8.22-4.18.1.ppc64le",
"product_id": "sudo-test-1.8.22-4.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.22-4.18.1.s390x",
"product": {
"name": "sudo-1.8.22-4.18.1.s390x",
"product_id": "sudo-1.8.22-4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.22-4.18.1.s390x",
"product": {
"name": "sudo-devel-1.8.22-4.18.1.s390x",
"product_id": "sudo-devel-1.8.22-4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.22-4.18.1.s390x",
"product": {
"name": "sudo-test-1.8.22-4.18.1.s390x",
"product_id": "sudo-test-1.8.22-4.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.22-4.18.1.x86_64",
"product": {
"name": "sudo-1.8.22-4.18.1.x86_64",
"product_id": "sudo-1.8.22-4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.22-4.18.1.x86_64",
"product": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64",
"product_id": "sudo-devel-1.8.22-4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.22-4.18.1.x86_64",
"product": {
"name": "sudo-test-1.8.22-4.18.1.x86_64",
"product_id": "sudo-test-1.8.22-4.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.ppc64le as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.s390x as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.ppc64le as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.s390x as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.s390x"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.22-4.18.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.aarch64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.22-4.18.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.x86_64"
},
"product_reference": "sudo-devel-1.8.22-4.18.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3156"
}
],
"notes": [
{
"category": "general",
"text": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.aarch64",
"SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.x86_64",
"SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Proxy 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Proxy 4.0:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.s390x",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3156",
"url": "https://www.suse.com/security/cve/CVE-2021-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1180684 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1180684"
},
{
"category": "external",
"summary": "SUSE Bug 1181090 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181090"
},
{
"category": "external",
"summary": "SUSE Bug 1181506 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181506"
},
{
"category": "external",
"summary": "SUSE Bug 1181657 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181657"
},
{
"category": "external",
"summary": "SUSE Bug 1183936 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "external",
"summary": "SUSE Bug 1218863 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1218863"
},
{
"category": "external",
"summary": "SUSE Bug 1225623 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1225623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.aarch64",
"SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.x86_64",
"SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Proxy 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Proxy 4.0:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.s390x",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.aarch64",
"SUSE Enterprise Storage 6:sudo-1.8.22-4.18.1.x86_64",
"SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Enterprise Storage 6:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Micro 5.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-1.8.22-4.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Proxy 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Proxy 4.0:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.ppc64le",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.s390x",
"SUSE Manager Server 4.0:sudo-1.8.22-4.18.1.x86_64",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.ppc64le",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.s390x",
"SUSE Manager Server 4.0:sudo-devel-1.8.22-4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-20T12:32:02Z",
"details": "important"
}
],
"title": "CVE-2021-3156"
}
]
}
SUSE-SU-2024:4389-1
Vulnerability from csaf_suse - Published: 2024-12-20 09:06 - Updated: 2024-12-20 09:06
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-1.8.27-4.51.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-devel-1.8.27-4.51.1.x86_64 | — | | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sudo",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sudo fixes the following issues:\n\n - CVE-2021-3156: Fixed regression in CVE (bsc#1234371)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-4389,SUSE-SLE-SERVER-12-SP5-LTSS-2024-4389,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4389",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_4389-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:4389-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20244389-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:4389-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020038.html"
},
{
"category": "self",
"summary": "SUSE Bug 1234371",
"url": "https://bugzilla.suse.com/1234371"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3156/"
}
],
"title": "Security update for sudo",
"tracking": {
"current_release_date": "2024-12-20T09:06:16Z",
"generator": {
"date": "2024-12-20T09:06:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:4389-1",
"initial_release_date": "2024-12-20T09:06:16Z",
"revision_history": [
{
"date": "2024-12-20T09:06:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.51.1.aarch64",
"product": {
"name": "sudo-1.8.27-4.51.1.aarch64",
"product_id": "sudo-1.8.27-4.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.51.1.aarch64",
"product": {
"name": "sudo-devel-1.8.27-4.51.1.aarch64",
"product_id": "sudo-devel-1.8.27-4.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.51.1.aarch64",
"product": {
"name": "sudo-test-1.8.27-4.51.1.aarch64",
"product_id": "sudo-test-1.8.27-4.51.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.51.1.i586",
"product": {
"name": "sudo-1.8.27-4.51.1.i586",
"product_id": "sudo-1.8.27-4.51.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.51.1.i586",
"product": {
"name": "sudo-devel-1.8.27-4.51.1.i586",
"product_id": "sudo-devel-1.8.27-4.51.1.i586"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.51.1.i586",
"product": {
"name": "sudo-test-1.8.27-4.51.1.i586",
"product_id": "sudo-test-1.8.27-4.51.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.51.1.ppc64le",
"product": {
"name": "sudo-1.8.27-4.51.1.ppc64le",
"product_id": "sudo-1.8.27-4.51.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.51.1.ppc64le",
"product": {
"name": "sudo-devel-1.8.27-4.51.1.ppc64le",
"product_id": "sudo-devel-1.8.27-4.51.1.ppc64le"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.51.1.ppc64le",
"product": {
"name": "sudo-test-1.8.27-4.51.1.ppc64le",
"product_id": "sudo-test-1.8.27-4.51.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.51.1.s390",
"product": {
"name": "sudo-1.8.27-4.51.1.s390",
"product_id": "sudo-1.8.27-4.51.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.51.1.s390",
"product": {
"name": "sudo-devel-1.8.27-4.51.1.s390",
"product_id": "sudo-devel-1.8.27-4.51.1.s390"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.51.1.s390",
"product": {
"name": "sudo-test-1.8.27-4.51.1.s390",
"product_id": "sudo-test-1.8.27-4.51.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.51.1.s390x",
"product": {
"name": "sudo-1.8.27-4.51.1.s390x",
"product_id": "sudo-1.8.27-4.51.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.51.1.s390x",
"product": {
"name": "sudo-devel-1.8.27-4.51.1.s390x",
"product_id": "sudo-devel-1.8.27-4.51.1.s390x"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.51.1.s390x",
"product": {
"name": "sudo-test-1.8.27-4.51.1.s390x",
"product_id": "sudo-test-1.8.27-4.51.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-1.8.27-4.51.1.x86_64",
"product": {
"name": "sudo-1.8.27-4.51.1.x86_64",
"product_id": "sudo-1.8.27-4.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-devel-1.8.27-4.51.1.x86_64",
"product": {
"name": "sudo-devel-1.8.27-4.51.1.x86_64",
"product_id": "sudo-devel-1.8.27-4.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "sudo-test-1.8.27-4.51.1.x86_64",
"product": {
"name": "sudo-test-1.8.27-4.51.1.x86_64",
"product_id": "sudo-test-1.8.27-4.51.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.51.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.aarch64"
},
"product_reference": "sudo-1.8.27-4.51.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.51.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.ppc64le"
},
"product_reference": "sudo-1.8.27-4.51.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.51.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.s390x"
},
"product_reference": "sudo-1.8.27-4.51.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.51.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.x86_64"
},
"product_reference": "sudo-1.8.27-4.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.51.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.aarch64"
},
"product_reference": "sudo-devel-1.8.27-4.51.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.51.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.ppc64le"
},
"product_reference": "sudo-devel-1.8.27-4.51.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.51.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.s390x"
},
"product_reference": "sudo-devel-1.8.27-4.51.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.51.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.x86_64"
},
"product_reference": "sudo-devel-1.8.27-4.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-1.8.27-4.51.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-1.8.27-4.51.1.x86_64"
},
"product_reference": "sudo-1.8.27-4.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-1.8.27-4.51.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-devel-1.8.27-4.51.1.x86_64"
},
"product_reference": "sudo-devel-1.8.27-4.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3156"
}
],
"notes": [
{
"category": "general",
"text": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-devel-1.8.27-4.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3156",
"url": "https://www.suse.com/security/cve/CVE-2021-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1180684 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1180684"
},
{
"category": "external",
"summary": "SUSE Bug 1181090 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181090"
},
{
"category": "external",
"summary": "SUSE Bug 1181506 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181506"
},
{
"category": "external",
"summary": "SUSE Bug 1181657 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1181657"
},
{
"category": "external",
"summary": "SUSE Bug 1183936 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1183936"
},
{
"category": "external",
"summary": "SUSE Bug 1218863 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1218863"
},
{
"category": "external",
"summary": "SUSE Bug 1225623 for CVE-2021-3156",
"url": "https://bugzilla.suse.com/1225623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-devel-1.8.27-4.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:sudo-devel-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-1.8.27-4.51.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:sudo-devel-1.8.27-4.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-20T09:06:16Z",
"details": "important"
}
],
"title": "CVE-2021-3156"
}
]
}
VAR-202101-1926
Vulnerability from variot - Updated: 2026-03-09 22:27
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. A heap-based overflow has been discovered in the set_cmd() function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. CVE-2021-3156 Affected. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.
For the stable distribution (buster), this problem has been fixed in version 1.8.27-1+deb10u3.
We recommend that you upgrade your sudo packages.
For the detailed security status of sudo please refer to its security tracker page at: https://security-tracker.debian.org/tracker/sudo
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
Relevant releases/architectures:
RHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64
Red Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch
- These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Bug Fix(es):
- Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.
With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)
- Bugs fixed (https://bugzilla.redhat.com/):
1850939 - Hosted engine deployment does not properly show iSCSI LUN errors
1868967 - sssd-ad installation fails on RHV-H 4.4 due to missing libsmbclient from samba package in rhvh-4-for-rhel-8-x86_64-rpms channel
1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker
1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker
1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
1902315 - Rebase RHV-H 4.4 to RHV 4.4.4
1902646 - ssh connection fails due to overly permissive openssh.config file permissions
1909644 - HE deploy failed with "Failed to download metadata for repo 'rhel-8-for-x86_64-baseos-beta-rpms': Cannot download repomd.xml
1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing
1921553 - RHVH upgrade to the latest 4.4.4-1 build will fail due to FileNotFoundError
1923126 - Hosted Engine setup fails on storage selection - Retrieval of iSCSI targets failed.
8.1) - aarch64, ppc64le, s390x, x86_64
-
6 ELS) - i386, s390x, x86_64
-
==========================================================================
Ubuntu Security Notice USN-4705-2
January 27, 2021
sudo vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: sudo 1.8.9p5-1ubuntu1.5+esm6
Ubuntu 12.04 ESM: sudo 1.8.3p1-1ubuntu3.10
In general, a standard system update will make all the necessary changes.
====================================================================
Red Hat Security Advisory
Synopsis: Important: sudo security update
Advisory ID: RHSA-2021:0224-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0224
Issue date: 2021-01-26
CVE Names: CVE-2021-3156
====================================================================
1. Summary:
An update for sudo is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.4) - x86_64
- Description:
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.
Security Fix(es):
- sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: sudo-1.8.19p2-12.el7_4.2.src.rpm
x86_64: sudo-1.8.19p2-12.el7_4.2.x86_64.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source: sudo-1.8.19p2-12.el7_4.2.src.rpm
ppc64le: sudo-1.8.19p2-12.el7_4.2.ppc64le.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.ppc64le.rpm
x86_64: sudo-1.8.19p2-12.el7_4.2.x86_64.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source: sudo-1.8.19p2-12.el7_4.2.src.rpm
x86_64: sudo-1.8.19p2-12.el7_4.2.x86_64.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: sudo-debuginfo-1.8.19p2-12.el7_4.2.i686.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm sudo-devel-1.8.19p2-12.el7_4.2.i686.rpm sudo-devel-1.8.19p2-12.el7_4.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le: sudo-debuginfo-1.8.19p2-12.el7_4.2.ppc64le.rpm sudo-devel-1.8.19p2-12.el7_4.2.ppc64le.rpm
x86_64: sudo-debuginfo-1.8.19p2-12.el7_4.2.i686.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm sudo-devel-1.8.19p2-12.el7_4.2.i686.rpm sudo-devel-1.8.19p2-12.el7_4.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64: sudo-debuginfo-1.8.19p2-12.el7_4.2.i686.rpm sudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm sudo-devel-1.8.19p2-12.el7_4.2.i686.rpm sudo-devel-1.8.19p2-12.el7_4.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-3156
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-002
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "sudo",
"scope": "gte",
"trust": 1.0,
"vendor": "sudo",
"version": "1.9.0"
},
{
"_id": null,
"model": "communications performance intelligence center",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.3.0.2.1"
},
{
"_id": null,
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "micros es400",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "400"
},
{
"_id": null,
"model": "communications performance intelligence center",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.0.3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "10.0.4"
},
{
"_id": null,
"model": "privilege management for mac",
"scope": "lt",
"trust": 1.0,
"vendor": "beyondtrust",
"version": "21.1.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.8"
},
{
"_id": null,
"model": "micros es400",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "410"
},
{
"_id": null,
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": "communications performance intelligence center",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.3.0.0.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"_id": null,
"model": "sudo",
"scope": "lt",
"trust": 1.0,
"vendor": "sudo",
"version": "1.8.32"
},
{
"_id": null,
"model": "micros kitchen display system",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "210"
},
{
"_id": null,
"model": "privilege management for unix\\/linux",
"scope": "lt",
"trust": 1.0,
"vendor": "beyondtrust",
"version": "10.3.2-10"
},
{
"_id": null,
"model": "sudo",
"scope": "lt",
"trust": 1.0,
"vendor": "sudo",
"version": "1.9.5"
},
{
"_id": null,
"model": "tekelec platform distribution",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.4.0"
},
{
"_id": null,
"model": "diskstation manager unified controller",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "3.0"
},
{
"_id": null,
"model": "micros compact workstation 3",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "310"
},
{
"_id": null,
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.2.17"
},
{
"_id": null,
"model": "micros workstation 6",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "610"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"_id": null,
"model": "cloud backup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "sudo",
"scope": "gte",
"trust": 1.0,
"vendor": "sudo",
"version": "1.8.2"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "vs960hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"_id": null,
"model": "tekelec platform distribution",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.7.1"
},
{
"_id": null,
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "sudo",
"version": "1.9.5"
},
{
"_id": null,
"model": "ontap tools",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "9"
},
{
"_id": null,
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "micros workstation 6",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "655"
},
{
"_id": null,
"model": "communications performance intelligence center",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.0.1.0"
},
{
"_id": null,
"model": "micros workstation 5a",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5a"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"credits": {
"_id": null,
"data": "This document was written by Timur Snoke.Statement Date:\u00a0\u00a0 February 15, 2021",
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
}
],
"trust": 0.8
},
"cve": "CVE-2021-3156",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-3156",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-383931",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-3156",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-3156",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2021-3156",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-383931",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"description": {
"_id": null,
"data": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character. A heap-based overflow has been discovered in the set_cmd() function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. CVE-2021-3156 Affected. Any local user (sudoers and non-sudoers)\ncan exploit this flaw for root privilege escalation. \n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.8.27-1+deb10u3. \n\nWe recommend that you upgrade your sudo packages. \n\nFor the detailed security status of sudo please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/sudo\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n
. Relevant releases/architectures:\n\nRHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64\nRed Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64\nRed Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch\n\n3. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. \n\nBug Fix(es):\n\n* Previously, the Red Hat Virtualization Host (RHV-H) repository\n(rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package,\nwhich is a dependency for the sssd-ad package. Consequently, the sssd-ad\npackage failed to install. \n\nWith this update, the libsmbclient is now in the RHV-H repository, and\nsssd-ad now installs on RHV-H. (BZ#1868967)\n\n4. 
Bugs fixed (https://bugzilla.redhat.com/):\n\n1850939 - Hosted engine deployment does not properly show iSCSI LUN errors\n1868967 - sssd-ad installation fails on RHV-H 4.4 due to missing libsmbclient from samba package in rhvh-4-for-rhel-8-x86_64-rpms channel\n1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker\n1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker\n1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker\n1902315 - Rebase RHV-H 4.4 to RHV 4.4.4\n1902646 - ssh connection fails due to overly permissive openssh.config file permissions\n1909644 - HE deploy failed with \"Failed to download metadata for repo \u0027rhel-8-for-x86_64-baseos-beta-rpms\u0027: Cannot download repomd.xml\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n1921553 - RHVH upgrade to the latest 4.4.4-1 build will fail due to FileNotFoundError\n1923126 - Hosted Engine setup fails on storage selection - Retrieval of iSCSI targets failed. 8.1) - aarch64, ppc64le, s390x, x86_64\n\n3. 6 ELS) - i386, s390x, x86_64\n\n3. ==========================================================================\nUbuntu Security Notice USN-4705-2\nJanuary 27, 2021\n\nsudo vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Sudo. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that Sudo incorrectly handled memory when parsing command\n lines. A local attacker could possibly use this issue to obtain unintended\n access to the administrator account. 
(CVE-2021-3156)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n sudo 1.8.9p5-1ubuntu1.5+esm6\n\nUbuntu 12.04 ESM:\n sudo 1.8.3p1-1ubuntu3.10\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: sudo security update\nAdvisory ID: RHSA-2021:0224-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:0224\nIssue date: 2021-01-26\nCVE Names: CVE-2021-3156\n====================================================================\n1. Summary:\n\nAn update for sudo is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - x86_64\n\n3. Description:\n\nThe sudo packages contain the sudo utility which allows system\nadministrators to provide certain users with the permission to execute\nprivileged commands, which are used for system management purposes, without\nhaving to log in as root. 
\n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\nsudo-1.8.19p2-12.el7_4.2.src.rpm\n\nx86_64:\nsudo-1.8.19p2-12.el7_4.2.x86_64.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\nsudo-1.8.19p2-12.el7_4.2.src.rpm\n\nppc64le:\nsudo-1.8.19p2-12.el7_4.2.ppc64le.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.ppc64le.rpm\n\nx86_64:\nsudo-1.8.19p2-12.el7_4.2.x86_64.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\nsudo-1.8.19p2-12.el7_4.2.src.rpm\n\nx86_64:\nsudo-1.8.19p2-12.el7_4.2.x86_64.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\nsudo-debuginfo-1.8.19p2-12.el7_4.2.i686.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.i686.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\nsudo-debuginfo-1.8.19p2-12.el7_4.2.ppc64le.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.ppc64le.rpm\n\nx86_64:\nsudo-debuginfo-1.8.19p2-12.el7_4.2.i686.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.i686.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 
7.4):\n\nx86_64:\nsudo-debuginfo-1.8.19p2-12.el7_4.2.i686.rpm\nsudo-debuginfo-1.8.19p2-12.el7_4.2.x86_64.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.i686.rpm\nsudo-devel-1.8.19p2-12.el7_4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3156\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-002\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3156"
},
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161281"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "161137"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161142"
}
],
"trust": 2.34
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-383931",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-3156",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#794544",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "161230",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "161160",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "161270",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "161293",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10348",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/01/27/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/01/26/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/02/15/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/01/27/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/14/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/01/30/6",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/01/30/8",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "176932",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "161163",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161141",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161142",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161139",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161281",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161137",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161152",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161144",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161272",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161398",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161135",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161145",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-99117",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-383931",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168983",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161281"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "161137"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161142"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"id": "VAR-202101-1926",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T22:27:02.630000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-193",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/3"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/794544"
},
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sudo-privesc-jan2021-qnyqfcm"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20210128-0001/"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20210128-0002/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht212177"
},
{
"trust": 1.1,
"url": "https://www.sudo.ws/stable.html#1.9.5p2"
},
{
"trust": 1.1,
"url": "https://www.synology.com/security/advisory/synology_sa_21_02"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2021/dsa-4839"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2021/jan/79"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2021/feb/42"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202101-33"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/161160/sudo-heap-based-buffer-overflow.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/161230/sudo-buffer-overflow-privilege-escalation.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/161270/sudo-1.9.5p1-buffer-overflow-privilege-escalation.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/161293/sudo-1.8.31p2-1.9.5p1-buffer-overflow.html"
},
{
"trust": 1.1,
"url": "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability"
},
{
"trust": 1.1,
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/1"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/02/15/1"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2024/feb/3"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cala5ftxiqbrryua2zqnjxb6oqmaxeii/"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"trust": 1.0,
"url": "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-heap-based-buffer-overflow.html"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lhxk6ico5aylgfk2tax5mzkuxtukwojy/"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10348"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2021-3156"
},
{
"trust": 0.8,
"url": "cve-2021-3156 "
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3156"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-002"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2021-3156"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10348"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lhxk6ico5aylgfk2tax5mzkuxtukwojy/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/cala5ftxiqbrryua2zqnjxb6oqmaxeii/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/sudo"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25685"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0401"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0225"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0220"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0227"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4705-2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4705-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0224"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161281"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "161137"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161142"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#794544",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-383931",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "168983",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "161281",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "161139",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "161137",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "161141",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "161163",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "161142",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-3156",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-04T00:00:00",
"db": "CERT/CC",
"id": "VU#794544",
"ident": null
},
{
"date": "2021-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-383931",
"ident": null
},
{
"date": "2021-01-28T20:12:00",
"db": "PACKETSTORM",
"id": "168983",
"ident": null
},
{
"date": "2021-02-03T16:36:53",
"db": "PACKETSTORM",
"id": "161281",
"ident": null
},
{
"date": "2021-01-27T14:06:12",
"db": "PACKETSTORM",
"id": "161139",
"ident": null
},
{
"date": "2021-01-27T14:05:54",
"db": "PACKETSTORM",
"id": "161137",
"ident": null
},
{
"date": "2021-01-27T14:06:28",
"db": "PACKETSTORM",
"id": "161141",
"ident": null
},
{
"date": "2021-01-28T13:59:34",
"db": "PACKETSTORM",
"id": "161163",
"ident": null
},
{
"date": "2021-01-27T14:06:37",
"db": "PACKETSTORM",
"id": "161142",
"ident": null
},
{
"date": "2021-01-26T21:15:12.987000",
"db": "NVD",
"id": "CVE-2021-3156",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-04-26T00:00:00",
"db": "CERT/CC",
"id": "VU#794544",
"ident": null
},
{
"date": "2022-09-03T00:00:00",
"db": "VULHUB",
"id": "VHN-383931",
"ident": null
},
{
"date": "2025-11-10T14:41:45.053000",
"db": "NVD",
"id": "CVE-2021-3156",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161163"
}
],
"trust": 0.2
},
"title": {
"_id": null,
"data": "Sudo set_cmd() is vulnerable to heap-based buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "overflow, root",
"sources": [
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "161137"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161142"
}
],
"trust": 0.5
}
}
VDE-2021-011
Vulnerability from csaf_trumpfsecokg - Published: 2021-03-22 08:59 - Updated: 2026-02-02 14:25
A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | | |
| Unresolved product id: CSAFPID-32002 | — | | |
| Unresolved product id: CSAFPID-32003 | — | | |
| Unresolved product id: CSAFPID-32004 | — | | |
| Unresolved product id: CSAFPID-32005 | — | | |
| Unresolved product id: CSAFPID-32006 | — | | |
| Unresolved product id: CSAFPID-32007 | — | | |
| Unresolved product id: CSAFPID-32008 | — | | |
| Unresolved product id: CSAFPID-32009 | — | | |
| Unresolved product id: CSAFPID-32010 | — | | |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | | |
| Unresolved product id: CSAFPID-31002 | — | | |
| Unresolved product id: CSAFPID-31003 | — | | |
| Unresolved product id: CSAFPID-31004 | — | | |
| Unresolved product id: CSAFPID-31005 | — | | |
| Unresolved product id: CSAFPID-31006 | — | | |
| Unresolved product id: CSAFPID-31007 | — | | |
| Unresolved product id: CSAFPID-31008 | — | | |
| Unresolved product id: CSAFPID-31009 | — | | |
| Unresolved product id: CSAFPID-31010 | — | | |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "the coordination and support with this publication.",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "TruControl laser control software from versions 2.14.0 to 3.14.0 use sudo versions affected by CVE-2021-3156. The affected sudo has a heap-based buffer overflow, allowing privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
"title": "Summary"
},
{
"category": "description",
"text": "To be able to exploit this vulnerability the attacker first needs to gain any kind of user access to the system.\n\nWhen logged on to the system the privilege escalation vulnerability can be exploited with following possible impacts/damages to the system:\n\n- Data loss in the laser control\n- Standstill of production\n- Damage by change of the laser control\n\nSafety is not affected since it is controlled by an independent electromechanical safety mechanism.",
"title": "Impact"
},
{
"category": "description",
"text": "- Update to TruControl version 3.16.0 or higher\n- Please contact your service partner (service.tls@trumpf.com) for instructions on how to retrieve the patch",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "product.security@trumpf.com",
"name": "Trumpf SE + Co. KG",
"namespace": "https://www.trumpf.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2021-011: TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability - HTML",
"url": "https://certvde.com/en/advisories/VDE-2021-011/"
},
{
"category": "self",
"summary": "VDE-2021-011: TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability - CSAF",
"url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-011.json"
},
{
"category": "external",
"summary": "TRUMPF advisory overview at CERT@VDE",
"url": "https://certvde.com/en/advisories/vendor/trumpf/"
}
],
"source_lang": "en",
"title": "TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability",
"tracking": {
"aliases": [
"VDE-2021-011"
],
"current_release_date": "2026-02-02T14:25:00.000Z",
"generator": {
"date": "2024-11-25T13:11:10.222Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.15"
}
},
"id": "VDE-2021-011",
"initial_release_date": "2021-03-22T08:59:00.000Z",
"revision_history": [
{
"date": "2021-03-22T08:59:00.000Z",
"number": "1.0.0",
"summary": "initial revision"
},
{
"date": "2025-04-10T13:00:00.000Z",
"number": "2.0.0",
"summary": "Fixed csaf reference URL and publisher information."
},
{
"date": "2025-05-14T13:00:14.000Z",
"number": "3.0.0",
"summary": "Fix: added distribution"
},
{
"date": "2026-02-02T14:25:00.000Z",
"number": "4.0.0",
"summary": "Fix: CSAF Document Alias had the wrong VDE-ID, changed revision versioning scheme to semver"
}
],
"status": "final",
"version": "4.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "redpowerDirect",
"product": {
"name": "Hardware redpowerDirect",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "TruDiode",
"product": {
"name": "Hardware TruDiode",
"product_id": "CSAFPID-11002"
}
},
{
"category": "product_name",
"name": "TruDisk",
"product": {
"name": "Hardware TruDisk",
"product_id": "CSAFPID-11003"
}
},
{
"category": "product_name",
"name": "TruFiber",
"product": {
"name": "Hardware TruFiber",
"product_id": "CSAFPID-11004"
}
},
{
"category": "product_name",
"name": "TruMicro2000",
"product": {
"name": "Hardware TruMicro2000",
"product_id": "CSAFPID-11005"
}
},
{
"category": "product_name",
"name": "TruMicro5000",
"product": {
"name": "Hardware TruMicro5000",
"product_id": "CSAFPID-11006"
}
},
{
"category": "product_name",
"name": "TruMicro6000",
"product": {
"name": "Hardware TruMicro6000",
"product_id": "CSAFPID-11007"
}
},
{
"category": "product_name",
"name": "TruMicro7000",
"product": {
"name": "Hardware TruMicro7000",
"product_id": "CSAFPID-11008"
}
},
{
"category": "product_name",
"name": "TruMicro8000",
"product": {
"name": "Hardware TruMicro8000",
"product_id": "CSAFPID-11009"
}
},
{
"category": "product_name",
"name": "TruMicro9000",
"product": {
"name": "Hardware TruMicro9000",
"product_id": "CSAFPID-11010"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "2.14.0\u003c=3.14.0",
"product": {
"name": "TruControl 2.14.0\u003c=3.14.0",
"product_id": "CSAFPID-51001"
}
},
{
"category": "product_version",
"name": "3.16.0",
"product": {
"name": "TruControl 3.16.0",
"product_id": "CSAFPID-52001"
}
}
],
"category": "product_name",
"name": "TruControl"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "TRUMPF"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware redpowerDirect",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruDiode",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruDisk",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruFiber",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruMicro2000",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruMicro5000",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruMicro6000",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruMicro7000",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruMicro8000",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 2.14.0\u003c=3.14.0 installed on Hardware TruMicro9000",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware redpowerDirect",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruDiode",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruDisk",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruFiber",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruMicro2000",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruMicro5000",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruMicro6000",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruMicro7000",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruMicro8000",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TruControl 3.16.0 installed on Hardware TruMicro9000",
"product_id": "CSAFPID-32010"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11010"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "description",
"text": "A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.",
"title": "Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "- Update to TruControl version 3.16.0 or higher or\n- Please contact your service partner (service.tls@trumpf.com) for instructions on how to retrieve the patch",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2021-3156"
}
]
}
WID-SEC-W-2023-0066
Vulnerability from csaf_certbund - Published: 2021-01-26 23:00 - Updated: 2025-10-01 22:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unify OpenScape Voice (Unify) | cpe:/a:unify:openscape_voice:- | — | |
| Unify OpenScape SBC (Unify) | cpe:/a:unify:openscape_sbc:- | — | |
| McAfee Web Gateway (McAfee) | cpe:/a:mcafee:web_gateway:- | — | |
| Unify OpenScape Business (Unify) | cpe:/a:unify:openscape_business:v2r7.1.1_037 | — | |
| Oracle Linux (Oracle) | cpe:/o:oracle:linux:- | — | |
| Synology DiskStation Manager (Synology) | cpe:/a:synology:diskstation_manager:- | — | |
| Red Hat Enterprise Linux (Red Hat) | cpe:/o:redhat:enterprise_linux:- | — | |
| Apple macOS (Apple) | cpe:/o:apple:mac_os:- | — | |
| Dell PowerProtect Data Domain <7.13.1.40 (Dell / PowerProtect Data Domain) | | <7.13.1.40 | |
| Amazon Linux 2 (Amazon) | cpe:/o:amazon:linux_2:- | — | |
| Dell PowerProtect Data Domain <7.10.1.70 (Dell / PowerProtect Data Domain) | | <7.10.1.70 | |
| Juniper Contrail Service Orchestration (Juniper) | cpe:/a:juniper:contrail_service_orchestration:- | — | |
| Dell PowerProtect Data Domain <8.3.1.10 (Dell / PowerProtect Data Domain) | | <8.3.1.10 | |
| Cisco Prime Collaboration (Cisco) | cpe:/a:cisco:prime_collaboration:- | — | |
| Oracle VM (Oracle) | cpe:/a:oracle:vm:- | — | |
| Avaya Aura Experience Portal (Avaya) | cpe:/a:avaya:aura_experience_portal:- | — | |
| Cisco Nexus 3000 (Cisco / Nexus) | cpe:/h:cisco:nexus:3000 | 3000 | |
| Avaya Aura Application Enablement Services (Avaya) | cpe:/a:avaya:aura_application_enablement_services:- | — | |
| Cisco Nexus 9000 (Cisco / Nexus) | cpe:/h:cisco:nexus:9000 | 9000 | |
| Unify OpenScape UC Application (Unify) | cpe:/a:unify:openscape_uc_application:- | — | |
| Open Source Arch Linux (Open Source) | cpe:/o:archlinux:archlinux:- | — | |
| Unify OpenScape Mediaserver (Unify) | cpe:/a:unify:openscape_mediaserver:- | — | |
| IBM AIX (IBM) | cpe:/o:ibm:aix:- | — | |
| Meinberg LANTIME (Meinberg) | cpe:/h:meinberg:lantime:- | — | |
| Open Source sudo <1.9.5_p2 (Open Source / sudo) | | <1.9.5_p2 | |
| EMC NetWorker <19.4.0.2 (EMC / NetWorker) | | <19.4.0.2 | |
| QNAP NAS (QNAP) | cpe:/h:qnap:nas:- | — | |
| Unify OpenScape Xpert (Unify) | cpe:/h:unify:openscape_xpert:- | — | |
| Unify OpenScape Branch (Unify) | cpe:/h:unify:openscape_branch:- | — | |
| Unify OpenScape Common Management Platform (Unify) | cpe:/a:unify:openscape_common_management_platform:- | — | |
| SUSE Linux (SUSE) | cpe:/o:suse:suse_linux:- | — | |
| Dell PowerProtect Data Domain <8.4.0.0 (Dell / PowerProtect Data Domain) | | <8.4.0.0 | |
| Avaya one-X (Avaya) | cpe:/a:avaya:one-x:- | — | |
| Ubuntu Linux (Ubuntu) | cpe:/o:canonical:ubuntu_linux:- | — | |
| IBM DB2 (IBM) | cpe:/a:ibm:db2:- | — | |

{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Sudo ist ein Linux System Werkzeug um Befehle unter anderem Benutzernamen/Gruppennamen (UID/GID) auszuf\u00fchren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in sudo ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Hardware Appliance\n- Linux\n- MacOS X\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0066 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-0066.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0066 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0066"
},
{
"category": "external",
"summary": "Eintrag in der OSS Mailing-Liste vom 2021-01-26",
"url": "https://seclists.org/oss-sec/2021/q1/71"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0218 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0218"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0219 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0219"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0220 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0220"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0221 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0221"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0222 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0223 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0223"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0224 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0224"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0225 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0225"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0226 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0227 vom 2021-01-26",
"url": "https://access.redhat.com/errata/RHSA-2021:0227"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4705 vom 2021-01-26",
"url": "https://ubuntu.com/security/notices/USN-4705-1"
},
{
"category": "external",
"summary": "Oracle Security Announcement ELSA-2021-0221 vom 2021-01-26",
"url": "http://linux.oracle.com/errata/ELSA-2021-0221.html"
},
{
"category": "external",
"summary": "Debian Security Announcement DLA 2534-1 vom 2021-01-26",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0225-1 vom 2021-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008251.html"
},
{
"category": "external",
"summary": "Debian Security Announcement DSA-4839 vom 2021-01-26",
"url": "https://www.debian.org/security/2021/dsa-4839"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0226-1 vom 2021-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008250.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0227-1 vom 2021-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008250.html"
},
{
"category": "external",
"summary": "Arch Linux Security Announcement ASA-202101-25 vom 2021-01-26",
"url": "https://security.archlinux.org/ASA-202101-25"
},
{
"category": "external",
"summary": "Gentoo Linux Security Announcement GLSA 202101-33 vom 2021-01-26",
"url": "https://security.gentoo.org/glsa/202101-33"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4705-2 vom 2021-01-27",
"url": "https://usn.ubuntu.com/4705-2"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-21-02 vom 2021-01-28",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-21-02"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9019 vom 2021-01-27",
"url": "http://linux.oracle.com/errata/ELSA-2021-9019.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0232-1 vom 2021-01-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008252.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-0218 vom 2021-01-27",
"url": "http://linux.oracle.com/errata/ELSA-2021-0218.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2021-0003 vom 2021-01-28",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-January/001009.html"
},
{
"category": "external",
"summary": "Cisco Security Advisory CISCO-SA-SUDO-PRIVESC-JAN2021-QNYQFCM vom 2021-01-29",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM"
},
{
"category": "external",
"summary": "Tweet @hackerfantastic vom 2021-02-02",
"url": "https://twitter.com/hackerfantastic/status/1356645638151303169"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0395 vom 2021-02-03",
"url": "https://access.redhat.com/errata/RHSA-2021:0395"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0401 vom 2021-02-03",
"url": "https://access.redhat.com/errata/RHSA-2021:0401"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1590 vom 2021-02-03",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1590.html"
},
{
"category": "external",
"summary": "Unify Security Advisory Report OBSO-2102-01 vom 2021-02-04",
"url": "https://networks.unify.com/security/advisories/OBSO-2102-01.pdf"
},
{
"category": "external",
"summary": "Cisco Security Advisory CISCO-SA-SUDO-PRIVESC-JAN2021-QNYQFCM vom 2021-02-05",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-008 vom 2021-02-04",
"url": "https://downloads.avaya.com/css/P8/documents/101073903"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-007 vom 2021-02-04",
"url": "https://downloads.avaya.com/css/P8/documents/101073902"
},
{
"category": "external",
"summary": "Apple Security Advisory HT212177 vom 2021-02-09",
"url": "https://support.apple.com/en-us/HT212177"
},
{
"category": "external",
"summary": "McAfee Security Bulletin SB10348 vom 2021-02-18",
"url": "http://www.auscert.org.au/bulletins/ESB-2021.0609"
},
{
"category": "external",
"summary": "McAfee Security Bulletin SB10348 vom 2021-02-18 vom 2021-02-18",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10348"
},
{
"category": "external",
"summary": "Synology Security Advisory SYNOLOGY-SA-21:02 vom 2021-02-22",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_21_02"
},
{
"category": "external",
"summary": "HPE Security Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04095en_us"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0928-1 vom 2021-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008540.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9169 vom 2021-04-15",
"url": "https://linux.oracle.com/errata/ELSA-2021-9169.html"
},
{
"category": "external",
"summary": "Meinberg Security Advisory MBGSA-2021.02 vom 2021-04-20",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2021-02-meinberg-lantime-firmware-v7-02-003-und-v6-24-028.htm"
},
{
"category": "external",
"summary": "Meinberg Security Advisory",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2021-02-meinberg-lantime-firmware-v7-02-003-und-v6-24-028.htm"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:1267-1 vom 2021-04-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008659.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:1275-1 vom 2021-04-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008661.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:1274-1 vom 2021-04-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008662.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:1273-1 vom 2021-04-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008663.html"
},
{
"category": "external",
"summary": "EMC Security Advisory DSA-2021-114 vom 2021-06-01",
"url": "https://www.dell.com/support/kbdoc/de-de/000187723/dsa-2021-114-dell-emc-networker-vproxy-security-update-for-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2021-0012 vom 2021-06-03",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-June/001015.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA70182 vom 2023-01-12",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7008449 vom 2023-06-29",
"url": "https://www.ibm.com/support/pages/node/7008449"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4389-1 vom 2024-12-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020038.html"
},
{
"category": "external",
"summary": "Dell Security Update vom 2025-10-02",
"url": "https://www.dell.com/support/kbdoc/000376224"
}
],
"source_lang": "en-US",
"title": "sudo: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2025-10-01T22:00:00.000+00:00",
"generator": {
"date": "2025-10-02T08:18:18.920+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-0066",
"initial_release_date": "2021-01-26T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-01-26T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-01-27T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu, QNAP, Oracle Linux und SUSE aufgenommen"
},
{
"date": "2021-01-28T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2021-01-31T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Cisco aufgenommen"
},
{
"date": "2021-02-01T23:00:00.000+00:00",
"number": "5",
"summary": "Produkte angepasst"
},
{
"date": "2021-02-02T23:00:00.000+00:00",
"number": "6",
"summary": "Apple macOS und IBM AIX ebenfalls betroffen, derzeit kein Patch"
},
{
"date": "2021-02-03T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat und Amazon aufgenommen"
},
{
"date": "2021-02-04T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Unify aufgenommen"
},
{
"date": "2021-02-07T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Informationen von Cisco aufgenommen - FXOS nicht betroffen"
},
{
"date": "2021-02-08T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2021-02-09T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Apple aufgenommen"
},
{
"date": "2021-02-18T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von McAfee aufgenommen"
},
{
"date": "2021-02-21T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Synology aufgenommen"
},
{
"date": "2021-03-01T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2021-03-24T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-04-15T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-04-19T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Meinberg aufgenommen"
},
{
"date": "2021-04-20T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-06-01T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von EMC aufgenommen"
},
{
"date": "2021-06-03T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2023-01-11T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2023-06-29T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-22T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "24"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Apple macOS",
"product": {
"name": "Apple macOS",
"product_id": "697",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:-"
}
}
}
],
"category": "vendor",
"name": "Apple"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya one-X",
"product": {
"name": "Avaya one-X",
"product_id": "1024",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:one-x:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3000",
"product": {
"name": "Cisco Nexus 3000",
"product_id": "T003851",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:3000"
}
}
},
{
"category": "product_version",
"name": "9000",
"product": {
"name": "Cisco Nexus 9000",
"product_id": "T003853",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:9000"
}
}
}
],
"category": "product_name",
"name": "Nexus"
},
{
"category": "product_name",
"name": "Cisco Prime Collaboration",
"product": {
"name": "Cisco Prime Collaboration",
"product_id": "190829",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:prime_collaboration:-"
}
}
}
],
"category": "vendor",
"name": "Cisco"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.4.0.0",
"product_id": "T045879"
}
},
{
"category": "product_version",
"name": "8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.4.0.0",
"product_id": "T045879-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.4.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.70",
"product_id": "T045881"
}
},
{
"category": "product_version",
"name": "7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.70",
"product_id": "T045881-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.70"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.40",
"product_id": "T047343"
}
},
{
"category": "product_version",
"name": "7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.40",
"product_id": "T047343-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.3.1.10",
"product_id": "T047344"
}
},
{
"category": "product_version",
"name": "8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 8.3.1.10",
"product_id": "T047344-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.1.10"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.4.0.2",
"product": {
"name": "EMC NetWorker \u003c19.4.0.2",
"product_id": "T019366"
}
},
{
"category": "product_version",
"name": "19.4.0.2",
"product": {
"name": "EMC NetWorker 19.4.0.2",
"product_id": "T019366-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:emc:networker:19.4.0.2"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM AIX",
"product": {
"name": "IBM AIX",
"product_id": "5094",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:-"
}
}
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper Contrail Service Orchestration",
"product": {
"name": "Juniper Contrail Service Orchestration",
"product_id": "T025794",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:contrail_service_orchestration:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "McAfee Web Gateway",
"product": {
"name": "McAfee Web Gateway",
"product_id": "T003324",
"product_identification_helper": {
"cpe": "cpe:/a:mcafee:web_gateway:-"
}
}
}
],
"category": "vendor",
"name": "McAfee"
},
{
"branches": [
{
"category": "product_name",
"name": "Meinberg LANTIME",
"product": {
"name": "Meinberg LANTIME",
"product_id": "T018353",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:-"
}
}
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.9.5_p2",
"product": {
"name": "Open Source sudo \u003c1.9.5_p2",
"product_id": "T018177"
}
},
{
"category": "product_version",
"name": "1.9.5_p2",
"product": {
"name": "Open Source sudo 1.9.5_p2",
"product_id": "T018177-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:todd_miller:sudo:1.9.5_p2"
}
}
}
],
"category": "product_name",
"name": "sudo"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"category": "product_name",
"name": "Oracle VM",
"product": {
"name": "Oracle VM",
"product_id": "T011119",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "QNAP NAS",
"product": {
"name": "QNAP NAS",
"product_id": "T017100",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:-"
}
}
}
],
"category": "vendor",
"name": "QNAP"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "T015361",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Synology DiskStation Manager",
"product": {
"name": "Synology DiskStation Manager",
"product_id": "450918",
"product_identification_helper": {
"cpe": "cpe:/a:synology:diskstation_manager:-"
}
}
}
],
"category": "vendor",
"name": "Synology"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "Unify OpenScape Branch",
"product": {
"name": "Unify OpenScape Branch",
"product_id": "T018258",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_branch:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Business",
"product": {
"name": "Unify OpenScape Business",
"product_id": "T016636",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_business:v2r7.1.1_037"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Common Management Platform",
"product": {
"name": "Unify OpenScape Common Management Platform",
"product_id": "T018017",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_common_management_platform:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Mediaserver",
"product": {
"name": "Unify OpenScape Mediaserver",
"product_id": "T018253",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_mediaserver:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape SBC",
"product": {
"name": "Unify OpenScape SBC",
"product_id": "T008874",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_sbc:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape UC Application",
"product": {
"name": "Unify OpenScape UC Application",
"product_id": "T015712",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_uc_application:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Voice",
"product": {
"name": "Unify OpenScape Voice",
"product_id": "T008873",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_voice:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Xpert",
"product": {
"name": "Unify OpenScape Xpert",
"product_id": "T018014",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_xpert:-"
}
}
}
],
"category": "vendor",
"name": "Unify"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3156",
"product_status": {
"known_affected": [
"T008873",
"T008874",
"T003324",
"T016636",
"T004914",
"450918",
"T015361",
"697",
"T047343",
"398363",
"T045881",
"T025794",
"T047344",
"190829",
"T011119",
"T015519",
"T003851",
"T015516",
"T003853",
"T015712",
"T013312",
"T018253",
"5094",
"T018353",
"T018177",
"T019366",
"T017100",
"T018014",
"T018258",
"T018017",
"T002207",
"T045879",
"1024",
"T000126",
"5104"
]
},
"release_date": "2021-01-26T23:00:00.000+00:00",
"title": "CVE-2021-3156"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.