A new sudo package with the CVE-2021-3156 fix for CloudLinux 7 and CloudLinux 8 is now available for download from our production repository.
CloudLinux 8: sudo-1.8.29-6.el8_3.1
CloudLinux 7: sudo-1.8.23-10.el7_9.1
- Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)
yum update sudo*
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.