CVE-2021-3156 : sudo - Heap-based Buffer Overflow
Versions Affected : All versions prior to TrueNAS 12.0-U2
Description
A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the bug.
Workaround
No workaround is available.
Mitigation
- Upgrade to 12.0-U2 or later