CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 27, 2022

CVE-2021-3156

High

EPSS 92.3%CISA KEV

Description

Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

92.3%

Higher than 99.7% of all CVEs

https://nvd.nist.gov/vuln/detail/CVE-2021-3156

HIGH

In CISA KEV

High EPSS

Published

Apr 6, 2022

Added to KEV

Apr 6, 2022

Remediation Due

Apr 27, 2022

Sudo