{"id":"MGASA-2021-0056","summary":"Updated sudo packages fix security vulnerability","details":"A serious heap-based buffer overflow has been discovered in sudo that is\nexploitable by any local user. It has been given the name Baron Samedit\nby its discoverer. The bug can be leveraged to elevate privileges to\nroot, even if the user is not listed in the sudoers file. User\nauthentication is not required to exploit the bug (CVE-2021-3156). \n","modified":"2026-04-16T00:10:16.358115056Z","published":"2021-01-27T00:40:21Z","upstream":["CVE-2021-3156"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0056.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28230"},{"type":"WEB","url":"https://www.sudo.ws/alerts/unescape_overflow.html"}],"affected":[{"package":{"name":"sudo","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/sudo?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.9.5p2-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0056.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}