10-years-old Sudo bug lets Linux users gain root-level access

From zdnet.com

Linux Tux

A major vulnerability impacting a large chunk of the Linux ecosystem has been patched today in Sudo, an app that allows admins to delegate limited root access to other users.

The vulnerability, which received a CVE identifier of CVE-2021-3156, but is more commonly known as “Baron Samedit,” was discovered by security auditing firm Qualys two weeks ago and was patched earlier today with the release of Sudo v1.9.5p2

Read more…