{"id":9625,"date":"2021-01-29T14:42:14","date_gmt":"2021-01-29T05:42:14","guid":{"rendered":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/?p=9625"},"modified":"2023-10-17T11:41:32","modified_gmt":"2023-10-17T02:41:32","slug":"sudocve-2021-3156","status":"publish","type":"post","link":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/public\/heads-up\/sudocve-2021-3156\/","title":{"rendered":"sudo\u306e\u8106\u5f31\u6027\uff08CVE-2021-3156\uff09\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77"},"content":{"rendered":"\n<p>I. \u6982\u8981<br>2021\u5e741\u670826\u65e5\uff08\u73fe\u5730\u6642\u9593\uff09\u3001sudo\u306b\u304a\u3051\u308b\u30d2\u30fc\u30d7\u30d9\u30fc\u30b9\u306e\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\uff08CVE-2021-3156\uff09\u306b\u95a2\u3059\u308b\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u307e\u3057\u305f\u3002<br>sudoers\u30d5\u30a1\u30a4\u30eb(\u901a\u5e38\u306f\/etc\/sudoers\u914d\u4e0b)\u304c\u5b58\u5728\u3059\u308b\u5834\u5408\u306b\u3001\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u30ed\u30fc\u30ab\u30eb\u30e6\u30fc\u30b6\u304croot\u306b\u6a29\u9650\u6607\u683c\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<br>\u53c2\u8003\uff1a<a href=\"https:\/\/www.jpcert.or.jp\/at\/2021\/at210005.html\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.jpcert.or.jp\/at\/2021\/at210005.html<\/a><\/p>\n<p>Sudo<br>Buffer overflow in command line unescaping<br><a href=\"https:\/\/www.sudo.ws\/alerts\/unescape_overflow.html\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.sudo.ws\/alerts\/unescape_overflow.html<\/a><\/p>\n<p>\u306a\u304a\u3001\u672c\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u305fQualys\u793e\u3088\u308a\u3001\u8106\u5f31\u6027\u306e\u6280\u8853\u7684\u306a\u89e3\u8aac\u3084\u8106\u5f31\u6027\u3092\u5b9f\u8a3c\u3059\u308b\u52d5\u753b\u304c\u516c\u958b\u3055\u308c\u3066\u3044\u307e\u3059\u3002<br>\u4eca\u5f8c\u3001\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u5b9f\u8a3c\u30b3\u30fc\u30c9\u306a\u3069\u304c\u516c\u958b\u3055\u308c\u3001\u653b\u6483\u306e\u4e2d\u3067\u6a29\u9650\u6607\u683c\u306b\u60aa\u7528\u3055\u308c\u308b\u53ef\u80fd\u6027\u3082\u3042\u308b\u305f\u3081\u3001\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30b7\u30b9\u30c6\u30e0\u3092\u5229\u7528\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u65e9\u6025\u306b\u5bfe\u7b56\u3092\u5b9f\u65bd\u3059\u308b\u3053\u3068\u3092\u63a8\u5968\u3057\u307e\u3059\u3002<\/p>\n<p><br>II. \u5bfe\u8c61<br>\u5bfe\u8c61\u3068\u306a\u308b\u88fd\u54c1\u3068\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u6b21\u306e\u3068\u304a\u308a\u3067\u3059\u3002<br>\u306a\u304a\u3001\u5404\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30f3\u306b\u304a\u3051\u308b\u5bfe\u8c61\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u3001\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30bf\u306e\u60c5\u5831\u3092\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>&#8211; sudo \u30d0\u30fc\u30b8\u30e7\u30f3 1.8.2 \u304b\u3089 1.8.31p2<br>&#8211; sudo \u30d0\u30fc\u30b8\u30e7\u30f3 1.9.0 \u304b\u3089 1.9.5p1<\/p>\n<p>\u306a\u304a\u3001\u672c\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u305fQualys\u793e\u306f\u3001&#8221;sudoedit -s \/&#8221;\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u3001&#8221;sudoedit:&#8221;\u304b\u3089\u59cb\u307e\u308b\u30a8\u30e9\u30fc\u304c\u8868\u793a\u3055\u308c\u308b\u3068\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u53d7\u3051\u3001&#8221;usage:&#8221;\u304b\u3089\u59cb\u307e\u308b\u30a8\u30e9\u30fc\u304c\u8868\u793a\u3055\u308c\u308b\u3068\u5f71\u97ff\u3092\u53d7\u3051\u306a\u3044\u3001\u3068\u3044\u3046\u60c5\u5831\u3092\u516c\u958b\u3057\u3066\u3044\u3059\u3002<\/p>\n<p><br>III. \u5bfe\u7b56<br>\u5404\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30bf\u3088\u308a\u3001\u672c\u8106\u5f31\u6027\u3092\u4fee\u6b63\u3057\u305f\u30d0\u30fc\u30b8\u30e7\u30f3\u304c\u516c\u958b\u3055\u308c\u3066\u3044\u307e\u3059\u3002<br>\u5404\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30bf\u306e\u60c5\u5831\u306a\u3069\u3092\u53c2\u8003\u306b\u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7\u306a\u3069\u306e\u5bfe\u5fdc\u3092\u691c\u8a0e\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p><br>IV. \u53c2\u8003\u60c5\u5831<br>Qualys<br>CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)<br><a href=\"https:\/\/blog.qualys.com\/vulnerabilities-research\/2021\/01\/26\/cve-2021-3156heap-based-buffer-overflow-in-sudo-baron-samedit\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/blog.qualys.com\/vulnerabilities-research\/2021\/01\/26\/cve-2021-3156heap-based-buffer-overflow-in-sudo-baron-samedit<\/a><br><br>Sudo<br>Major changes between version 1.9.5p2 and 1.9.5p1<br><a href=\"https:\/\/www.sudo.ws\/stable.html#1.9.5p2\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.sudo.ws\/stable.html#1.9.5p2<\/a><\/p>\n<p>Red Hat Customer Portal<br>Privilege escalation via command line argument parsing &#8211; sudo -(CVE-2021-3156)<br><a href=\"https:\/\/access.redhat.com\/security\/vulnerabilities\/RHSB-2021-002\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/access.redhat.com\/security\/vulnerabilities\/RHSB-2021-002<\/a><\/p>\n<p>Ubuntu<br>USN-4705-1: Sudo vulnerabilities<br><a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-4705-1\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/ubuntu.com\/security\/notices\/USN-4705-1<\/a><\/p>\n<p>Debian<br>CVE-2021-3156<br><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2021-3156\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/security-tracker.debian.org\/tracker\/CVE-2021-3156<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I. \u6982\u89812021\u5e741\u670826\u65e5\uff08\u73fe\u5730\u6642\u9593\uff09\u3001sudo\u306b\u304a\u3051\u308b\u30d2\u30fc\u30d7\u30d9\u30fc\u30b9\u306e\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\uff08CVE-2021-3156\uff09\u306b\u95a2\u3059\u308b\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u307e\u3057\u305f\u3002sudoers\u30d5\u30a1\u30a4\u30eb(\u901a\u5e38\u306f\/etc\/sudoers\u914d [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[45],"_links":{"self":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts\/9625"}],"collection":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/comments?post=9625"}],"version-history":[{"count":5,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts\/9625\/revisions"}],"predecessor-version":[{"id":14987,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts\/9625\/revisions\/14987"}],"wp:attachment":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/media?parent=9625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/categories?post=9625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/tags?post=9625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}