New Linux SUDO vulnerability lets local users gain root privileges

Sudo is a Unix program that lets system administrators provide limited root privileges to normal users listed in the sudoers file and keeps a log of the users' activity. The now-fixed Sudo privilege vulnerability tracked as CVE-2021-3156 was discovered by security researchers from Qualys. The cause of the bug was buffer overflow, triggered by Sudo incorrectly unescaping backslashes in the arguments. The vulnerability has been fixed by the Sudo contributors today. Read more...