CVE-2021-3156

7.8

HIGH CVSS 3.1

Sudo Heap-Based Buffer Overflow Vulnerability - [Actively Exploited]

Description

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

INFO

Published Date :

Jan. 26, 2021, 9:15 p.m.

Last Modified :

April 3, 2025, 7:47 p.m.

Remotely Exploit :

No

Source :

[email protected]

CISA Notification

CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Due Date: Apr 27, 2022

Alert Date: Apr 06, 2022 | 1236 days ago

Description :

Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

Required Action :

Apply updates per vendor instructions.

Notes :

https://nvd.nist.gov/vuln/detail/CVE-2021-3156

Affected Products

The following products are affected by CVE-2021-3156 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Oracle	tekelec_platform_distribution
2	Oracle	communications_performance_intelligence_center
3	Oracle	micros_compact_workstation_3_firmware
4	Oracle	micros_es400_firmware
5	Oracle	micros_kitchen_display_system_firmware
6	Oracle	micros_workstation_5a_firmware
7	Oracle	micros_workstation_6_firmware
8	Oracle	micros_compact_workstation_3
9	Oracle	micros_es400
10	Oracle	micros_kitchen_display_system
11	Oracle	micros_workstation_5a
12	Oracle	micros_workstation_6
1	Netapp	active_iq_unified_manager
2	Netapp	ontap_select_deploy_administration_utility
3	Netapp	cloud_backup
4	Netapp	hci_management_node
5	Netapp	solidfire
6	Netapp	oncommand_unified_manager_core_package
7	Netapp	ontap_tools
1	Synology	diskstation_manager
2	Synology	skynas_firmware
3	Synology	vs960hd_firmware
4	Synology	diskstation_manager
5	Synology	diskstation_manager_unified_controller
6	Synology	skynas
7	Synology	vs960hd
1	Beyondtrust	privilege_management_for_mac
2	Beyondtrust	privilege_management_for_unix\/linux
1	Fedoraproject	fedora
1	Debian	debian_linux
1	Mcafee	web_gateway
1	Sudo_project	sudo

: Total Affected Vendor : 8 | Products : 32

CVSS Scores

The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.

Version	Severity	Source
CVSS 2.0	HIGH	[email protected]
CVSS 3.1	HIGH	[email protected]
CVSS 3.1	HIGH	134c704f-9b21-4f2e-91b3-4a467353bcc0

Solution

A heap-based buffer overflow vulnerability in Sudo requires immediate package updates.

Update the affected sudo packages.
If available, upgrade associated packages, too.

Public PoC/Exploit Available at Github

CVE-2021-3156 has a 331 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2021-3156.

URL	Resource
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2021/Feb/42	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2021/Jan/79	Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Feb/3	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/01/26/3	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/01/27/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/01/27/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/02/15/1	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/14/2	Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/01/30/6	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/01/30/8	Mailing List
https://kc.mcafee.com/corporate/index?page=content&id=SB10348	Broken Link Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/	Mailing List Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/	Mailing List Release Notes
https://security.gentoo.org/glsa/202101-33	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210128-0001/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210128-0002/	Third Party Advisory
https://support.apple.com/kb/HT212177	Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM	Third Party Advisory
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability	Third Party Advisory
https://www.debian.org/security/2021/dsa-4839	Third Party Advisory
https://www.kb.cert.org/vuls/id/794544	Third Party Advisory US Government Resource
https://www.openwall.com/lists/oss-security/2021/01/26/3	Exploit Mailing List Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://www.sudo.ws/stable.html#1.9.5p2	Release Notes
https://www.synology.com/security/advisory/Synology_SA_21_02	Third Party Advisory
https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156	Exploit Third Party Advisory
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2021/Feb/42	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2021/Jan/79	Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Feb/3	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/01/26/3	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/01/27/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/01/27/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/02/15/1	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/14/2	Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/01/30/6	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2024/01/30/8	Mailing List
https://kc.mcafee.com/corporate/index?page=content&id=SB10348	Broken Link Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/	Mailing List Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/	Mailing List Release Notes
https://security.gentoo.org/glsa/202101-33	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210128-0001/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210128-0002/	Third Party Advisory
https://support.apple.com/kb/HT212177	Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM	Third Party Advisory
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability	Third Party Advisory
https://www.debian.org/security/2021/dsa-4839	Third Party Advisory
https://www.kb.cert.org/vuls/id/794544	Third Party Advisory US Government Resource
https://www.openwall.com/lists/oss-security/2021/01/26/3	Exploit Mailing List Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://www.sudo.ws/stable.html#1.9.5p2	Release Notes
https://www.synology.com/security/advisory/Synology_SA_21_02	Third Party Advisory

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-3156 is associated with the following CWEs:

CWE-193: Off-by-one Error

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-3156 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

VishuGahlyan/OSCP-Notes

None

Updated: 4 days, 4 hours ago

0 stars 0 fork 0 watcher

Born at : Aug. 20, 2025, 8:50 a.m. This repo has been linked 3 different CVEs too.

software-engineering-and-security/cfi-practical-guideline

SoK: Preventing Real-World Exploits: A Practical Guideline and Taxonomy to LLVM's Control Flow Integrity

Updated: 5 days, 2 hours ago

0 stars 0 fork 0 watcher

Born at : Aug. 19, 2025, 11:27 a.m. This repo has been linked 5 different CVEs too.

Maikefee/linux-exploit-hunter

一个强大的Linux漏洞搜索工具，基于原始的[Linux -exploit- suggestion](https://github.com/mzet-/linux-exploit-suggester)，专注于检测**2020-2024**期间最新的Linux内核特权升级漏洞。

Shell Python

Updated: 5 days, 4 hours ago

0 stars 0 fork 0 watcher

Born at : Aug. 19, 2025, 7:01 a.m. This repo has been linked 11 different CVEs too.

zhanpengliu-tencent/medium-cve

None

Updated: 1 week, 2 days ago

0 stars 0 fork 0 watcher

Born at : Aug. 15, 2025, 9:07 a.m. This repo has been linked 310 different CVEs too.

dharanirajan676/openVAS_Elevatelabs_task3

🛡️ Cyber Security Internship - Task 3 Objective The objective of this task is to perform a basic vulnerability scan on the local machine using OpenVAS, identify potential security issues, and recommend fixes.

Updated: 1 week, 3 days ago

0 stars 0 fork 0 watcher

Born at : Aug. 13, 2025, 6:39 p.m. This repo has been linked 1 different CVEs too.

sujallamichhane18/DestroyGPT

None

Python

Updated: 1 week, 4 days ago

0 stars 0 fork 0 watcher

Born at : Aug. 8, 2025, 12:32 p.m. This repo has been linked 1 different CVEs too.

paultheal1en/auto_pen_bench_web

None

Makefile Python Dockerfile PHP Hack CSS HTML Ruby Groovy Java

Updated: 1 week, 5 days ago

0 stars 0 fork 0 watcher

Born at : Aug. 5, 2025, 1:21 a.m. This repo has been linked 11 different CVEs too.

PsychoH4x0r/Unknown1337-Auto-Root-

None

Shell

Updated: 3 weeks, 5 days ago

0 stars 0 fork 0 watcher

Born at : July 28, 2025, 1:44 p.m. This repo has been linked 27 different CVEs too.

ravibalanraju/vulnerability-reports-case-studies

None

Updated: 3 weeks, 5 days ago

0 stars 0 fork 0 watcher

Born at : July 28, 2025, 12:43 p.m. This repo has been linked 2 different CVEs too.

WilliamQ28/Worst-autoLinPrivesc

for when linpeas keeps on giving you that same few recommendations no matter what

Shell

Updated: 3 weeks, 4 days ago

0 stars 0 fork 0 watcher

Born at : July 28, 2025, 1:28 a.m. This repo has been linked 5 different CVEs too.

Maalfer/Sudo-CVE-2021-3156

Exploit para explotar la vulnerabilidad CVE-2025-32463

Shell

Updated: 1 month ago

0 stars 0 fork 0 watcher

Born at : July 18, 2025, 10:39 a.m. This repo has been linked 2 different CVEs too.

sparktsao/auto-pen-bench-study

None

Makefile Python Dockerfile Shell C PHP Hack CSS HTML Ruby

Updated: 1 month, 1 week ago

0 stars 0 fork 0 watcher

Born at : July 13, 2025, 8:56 p.m. This repo has been linked 11 different CVEs too.

jitmondal1/OSCP

OSCP Cheat Sheet

Updated: 1 month ago

1 stars 0 fork 0 watcher

Born at : July 5, 2025, 10:38 p.m. This repo has been linked 73 different CVEs too.

jitmondal1/OSCP

OSCP Cheat Sheet

Updated: 1 month, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : July 5, 2025, 4:34 p.m. This repo has been linked 73 different CVEs too.

VishuGahlyan/OSCP

None

Updated: 1 month, 3 weeks ago

0 stars 0 fork 0 watcher

Born at : July 2, 2025, 7:05 a.m. This repo has been linked 72 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-3156 vulnerability anywhere in the article.

Daily CyberSecurity

The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure

High-level chain of events in the attack investigated by Unit 42 In a revealing report by Palo Alto Networks’ Unit 42, a high-level cyberespionage campaign targeting critical telecommunications infras ...

Published Date: Aug 04, 2025 (2 weeks, 6 days ago)

The Hacker News

CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign

Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks ...

Published Date: Aug 02, 2025 (3 weeks ago)

Kaspersky

Exploits and vulnerabilities in Q1 2025

The first quarter of 2025 saw the continued publication of vulnerabilities discovered and fixed in 2024, as some researchers were previously unable to disclose the details. This partially shifted the ...

Published Date: May 30, 2025 (2 months, 3 weeks ago)

The Register

Sudo-rs make me a sandwich, hold the buffer overflows

Canonical's Ubuntu 25.10 is set to make sudo-rs, a Rust-based rework of the classic sudo utility, the default – part of a push to cut memory-related security bugs and lock down core system components. ...

Published Date: May 08, 2025 (3 months, 2 weeks ago)

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2021-3156 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Modified Analysis by [email protected]

Apr. 03, 2025

Action	Type	Old Value	New Value

CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

Feb. 03, 2025

Action	Type	Old Value	New Value
Added	CVSS V3.1		AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added	CWE		CWE-193

CPE Deprecation Remap by [email protected]

Jan. 14, 2025

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:a:synology:diskstation_manager:6.2:::::::	OR cpe:2.3:o:synology:diskstation_manager:6.2:::::::

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	New Value
Added	Reference	http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
Added	Reference	http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
Added	Reference	http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
Added	Reference	http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
Added	Reference	http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
Added	Reference	http://seclists.org/fulldisclosure/2021/Feb/42
Added	Reference	http://seclists.org/fulldisclosure/2021/Jan/79
Added	Reference	http://seclists.org/fulldisclosure/2024/Feb/3
Added	Reference	http://www.openwall.com/lists/oss-security/2021/01/26/3
Added	Reference	http://www.openwall.com/lists/oss-security/2021/01/27/1
Added	Reference	http://www.openwall.com/lists/oss-security/2021/01/27/2
Added	Reference	http://www.openwall.com/lists/oss-security/2021/02/15/1
Added	Reference	http://www.openwall.com/lists/oss-security/2021/09/14/2
Added	Reference	http://www.openwall.com/lists/oss-security/2024/01/30/6
Added	Reference	http://www.openwall.com/lists/oss-security/2024/01/30/8
Added	Reference	https://kc.mcafee.com/corporate/index?page=content&id=SB10348
Added	Reference	https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html
Added	Reference	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/
Added	Reference	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/
Added	Reference	https://security.gentoo.org/glsa/202101-33
Added	Reference	https://security.netapp.com/advisory/ntap-20210128-0001/
Added	Reference	https://security.netapp.com/advisory/ntap-20210128-0002/
Added	Reference	https://support.apple.com/kb/HT212177
Added	Reference	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM
Added	Reference	https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
Added	Reference	https://www.debian.org/security/2021/dsa-4839
Added	Reference	https://www.kb.cert.org/vuls/id/794544
Added	Reference	https://www.openwall.com/lists/oss-security/2021/01/26/3
Added	Reference	https://www.oracle.com//security-alerts/cpujul2021.html
Added	Reference	https://www.oracle.com/security-alerts/cpuapr2022.html
Added	Reference	https://www.oracle.com/security-alerts/cpuoct2021.html
Added	Reference	https://www.sudo.ws/stable.html#1.9.5p2
Added	Reference	https://www.synology.com/security/advisory/Synology_SA_21_02

Modified Analysis by [email protected]

Sep. 19, 2024

Action	Type	Old Value	New Value
Changed	Reference Type	https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156 No Types Assigned	https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156 Exploit, Third Party Advisory

Action	Type	Old Value	New Value
Added	Reference		MITRE http://www.openwall.com/lists/oss-security/2024/01/30/8 [No types assigned]
Added	Reference		MITRE http://www.openwall.com/lists/oss-security/2024/01/30/6 [No types assigned]

Action	Type	Old Value	New Value
Added	Reference		MITRE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/ [No types assigned]
Added	Reference		MITRE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/ [No types assigned]
Removed	Reference	MITRE https://lists.fedoraproject.org/archives/list/[email protected]/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/
Removed	Reference	MITRE https://lists.fedoraproject.org/archives/list/[email protected]/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/

Action	Type	Old Value	New Value
Added	CVSS V2		NIST (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html No Types Assigned	http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html Third Party Advisory, VDB Entry
Changed	Reference Type	http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html No Types Assigned	http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry
Changed	Reference Type	http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html No Types Assigned	http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry
Changed	Reference Type	http://www.openwall.com/lists/oss-security/2021/01/26/3 No Types Assigned	http://www.openwall.com/lists/oss-security/2021/01/26/3 Exploit, Mailing List, Third Party Advisory
Changed	Reference Type	http://www.openwall.com/lists/oss-security/2021/01/27/1 No Types Assigned	http://www.openwall.com/lists/oss-security/2021/01/27/1 Mailing List, Third Party Advisory
Changed	Reference Type	http://www.openwall.com/lists/oss-security/2021/01/27/2 No Types Assigned	http://www.openwall.com/lists/oss-security/2021/01/27/2 Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/ Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/ Third Party Advisory
Changed	Reference Type	https://security.gentoo.org/glsa/202101-33 No Types Assigned	https://security.gentoo.org/glsa/202101-33 Third Party Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20210128-0001/ No Types Assigned	https://security.netapp.com/advisory/ntap-20210128-0001/ Third Party Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20210128-0002/ No Types Assigned	https://security.netapp.com/advisory/ntap-20210128-0002/ Third Party Advisory
Changed	Reference Type	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM No Types Assigned	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM Third Party Advisory
Changed	Reference Type	https://www.debian.org/security/2021/dsa-4839 No Types Assigned	https://www.debian.org/security/2021/dsa-4839 Third Party Advisory
Changed	Reference Type	https://www.openwall.com/lists/oss-security/2021/01/26/3 No Types Assigned	https://www.openwall.com/lists/oss-security/2021/01/26/3 Exploit, Mailing List, Third Party Advisory
Changed	Reference Type	https://www.sudo.ws/stable.html#1.9.5p2 No Types Assigned	https://www.sudo.ws/stable.html#1.9.5p2 Release Notes, Vendor Advisory
Added	CWE		NIST CWE-787
Added	CPE Configuration		OR cpe:2.3:a:sudo_project:sudo::::::::* versions up to (excluding) 1.9.5 cpe:2.3:a:sudo_project:sudo:1.9.5:patch1::::::*
Added	CPE Configuration		OR cpe:2.3:o:fedoraproject:fedora:32::::::: cpe:2.3:o:fedoraproject:fedora:33:::::::
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:10.0:::::::
Added	CPE Configuration		OR cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-::::::: cpe:2.3:a:netapp:solidfire:-::::::: cpe:2.3:h:netapp:hci_storage_node:-:::::::

CVE-2021-3156

Sudo Heap-Based Buffer Overflow Vulnerability - [Actively Exploited]

Description

INFO

Jan. 26, 2021, 9:15 p.m.

April 3, 2025, 7:47 p.m.

No

CISA KEV (Known Exploited Vulnerabilities)

Affected Products

CVSS Scores

Solution

Public PoC/Exploit Available at Github

References to Advisories, Solutions, and Tools

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure

CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign

Exploits and vulnerabilities in Q1 2025

Sudo-rs make me a sandwich, hold the buffer overflows

Modified Analysis by [email protected]

CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

CPE Deprecation Remap by [email protected]

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Reanalysis by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Vulnerability Scoring Details

Base CVSS Score: 7.8

Base CVSS Score: 7.2

Exploit Prediction

92.19 }} -0.16%

0.99704

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width