Originally published January 28, 2021 @ 7:52 am

A massive, decade-old and easy-to-exploit security hole (CVE-2021-3156) has been found in sudo that lets any unprivileged local user gain full root access. This is one of those rare security bugs you can’t delay remediating.

Patches have been released for most major current distros. Unfortunately, I still have some CentOS 6 servers that, following the surprise CentOS EOL announcement in December, I repointed to vault.centos.org for patches, and the needed sudo package is not available there at the moment.

However, the solution isn’t complicated: just uninstall sudo and install the precompiled binary from sudo.ws. Here’s what I did:

To confirm that the current sudo version is impacted, run the command below. If the error message starts with sudoedit:, you have a problem.

sudoedit -s /
# > sudoedit: /: not a regular file

Go to the developer’s site and download the appropriate compiled version for your distro. The version needs to be 1.9.5p2 (1.9.5-3). For CentOS 6, I got this one.

I suggest you now log into your system as root directly (use the console if you must), since sudo itself will be gone between the next two steps; then uninstall your current version of sudo and install the one you just downloaded. In my case:

yum -y erase sudo
yum -y install sudo-1.9.5-3.el8.x86_64.rpm

Now re-run the sudoedit command, and you should see the error message starting with usage:. If that is the case – mission accomplished.

sudoedit -s /
# > usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ...
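To make the before/after check repeatable across a fleet, here is a small shell script (an added example, not part of the original post) that wraps the same sudoedit test, adds an upstream-version comparison against the 1.9.5p2 the post names as fixed, and packages the post's CentOS 6 erase/install steps behind a root check. The function names and the RPM-path argument are my own; the sample strings in the comments are constructed from the outputs the post shows.

```shell
#!/bin/sh
# Added example for the CVE-2021-3156 check described in the post.
# Functions:
#   classify_sudoedit_output  - interpret the first line `sudoedit -s /` prints
#   version_tuple / sudo_version_is_fixed - compare an upstream sudo version
#                               string against 1.9.5p2
#   check_sudo                - run the live sudoedit test (needs sudoedit on PATH)
#   remediate_with_rpm        - the post's yum erase/install steps, root only
# Run `sh sudo-check.sh --check` to test the local system.

# "sudoedit: ..." means the unpatched option parser accepted -s and went on to
# open the path (the signature the post treats as vulnerable);
# "usage: ..." means the patched binary rejected the option combination.
classify_sudoedit_output() {
    first_line=$(printf '%s\n' "$1" | head -n 1)
    case "$first_line" in
        sudoedit:*) echo "vulnerable" ;;
        usage:*)    echo "patched" ;;
        *)          echo "unknown" ;;
    esac
}

# Split "1.9.5p2" into four integers: major minor patch patchlevel.
# A missing "pN" suffix counts as patchlevel 0, so "1.9.6" -> "1 9 6 0".
version_tuple() {
    v="$1"
    p=0
    case "$v" in
        *p*) p=${v##*p}; v=${v%p*} ;;
    esac
    IFS=. read -r major minor patch <<EOF
$v
EOF
    echo "${major:-0} ${minor:-0} ${patch:-0} ${p:-0}"
}

# True (exit 0) when the version is at least 1.9.5p2. Only meaningful for
# upstream builds such as the sudo.ws RPM: distro packages backport fixes and
# keep their old version number, so for those the sudoedit test is the one
# that counts.
sudo_version_is_fixed() {
    set -- $(version_tuple "$1")
    for pair in "$1:1" "$2:9" "$3:5" "$4:2"; do
        have=${pair%%:*}; want=${pair##*:}
        if [ "$have" -gt "$want" ]; then return 0; fi
        if [ "$have" -lt "$want" ]; then return 1; fi
    done
    return 0
}

# Run the post's test against the installed sudoedit and print the verdict.
# Exit status is 0 only when the binary behaves like a patched one.
check_sudo() {
    if ! command -v sudoedit >/dev/null 2>&1; then
        echo "unknown (sudoedit not found)"
        return 2
    fi
    out=$(sudoedit -s / 2>&1)
    verdict=$(classify_sudoedit_output "$out")
    echo "$verdict"
    [ "$verdict" = "patched" ]
}

# The post's CentOS 6 remediation: remove the distro sudo, install the
# downloaded sudo.ws RPM (path given as the argument), then re-run the test.
# Refuses to run unless already root, because sudo is gone between the steps.
remediate_with_rpm() {
    rpm_path="$1"
    [ "$(id -u)" -eq 0 ] || { echo "run as root (log in directly, not via sudo)" >&2; return 1; }
    [ -f "$rpm_path" ] || { echo "RPM not found: $rpm_path" >&2; return 1; }
    yum -y erase sudo && yum -y install "$rpm_path" && check_sudo
}

if [ "${1:-}" = "--check" ]; then
    check_sudo
fi
```

Sourcing the file (`. ./sudo-check.sh`) makes the functions available interactively, so after patching you can call `check_sudo` from the root shell the post tells you to keep open.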