vulnerability
Arch Linux: Privilege escalation (CVE-2021-3156)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Jan 26, 2021 | Jul 11, 2025 | Nov 27, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Jan 26, 2021
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
A serious heap-based buffer overflow has been discovered in sudo before version 1.9.5p2 that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the bug.
Solution
arch-linux-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.