Check out #ThisWeekInLinux with @MichaelTunnell as he covers the Sudo Bug, AKA #BaronSamedit, TailsOS, the new version of Firefox and so much more! It's my favorite place to catch my #linux #gnews!

Does anyone know which version of sudo on #Debian 9 fixes the #baronsamedit vulnerability?

I just know that for Debian 10 it's sudo 1.8.27-1+deb10u3... for Ubuntu there is this comprehensive page, but for Debian? https://ubuntu.com/security/notices/USN-4705-1

USN-4705-1: Sudo vulnerabilities | Ubuntu security notices | Ubuntu

10-years-old Sudo bug lets Linux users gain root-level access | ZDNet

The vulnerability, named "Baron Samedit," impacts most Linux distributions today.

RT @[email protected]

$ sudo make me a sandwich

> You are not in the sudoers file. This incident will be reported

$ sudoedit -s '\' `perl -e 'print "A" x 65536'` make me a sandwich

> (core dumped)
> Okay

https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

#sudo #baronsamedit #linux #security

🐦🔗: https://twitter.com/Jogenfors/status/1354151579058888712

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog

The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems. Any unprivileged user can gain root privileges…
