Security update for sudo

Announcement ID:	SUSE-SU-2021:0225-1
Rating:	important
References:	bsc#1180684 bsc#1180685 bsc#1180687 bsc#1181090
Cross-References:	CVE-2021-23239 CVE-2021-23240 CVE-2021-3156
CVSS scores:	CVE-2021-23239 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-23239 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-23240 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-23240 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves three vulnerabilities and has one security fix can now be installed.

Description:

This update for sudo fixes the following issues:

• A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156]
• It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit [bsc#1180684,CVE-2021-23239]
• A Possible Symlink Attack vector existed in sudoedit if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240]
• It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-225=1
• SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-225=1
• SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-225=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-225=1

Package List:

• SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  • sudo-debuginfo-1.8.27-4.6.1
  • sudo-devel-1.8.27-4.6.1
  • sudo-debugsource-1.8.27-4.6.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  • sudo-debuginfo-1.8.27-4.6.1
  • sudo-debugsource-1.8.27-4.6.1
  • sudo-1.8.27-4.6.1
• SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  • sudo-debuginfo-1.8.27-4.6.1
  • sudo-debugsource-1.8.27-4.6.1
  • sudo-1.8.27-4.6.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  • sudo-debuginfo-1.8.27-4.6.1
  • sudo-debugsource-1.8.27-4.6.1
  • sudo-1.8.27-4.6.1

References:

• https://www.suse.com/security/cve/CVE-2021-23239.html
• https://www.suse.com/security/cve/CVE-2021-23240.html
• https://www.suse.com/security/cve/CVE-2021-3156.html
• https://bugzilla.suse.com/show_bug.cgi?id=1180684
• https://bugzilla.suse.com/show_bug.cgi?id=1180685
• https://bugzilla.suse.com/show_bug.cgi?id=1180687
• https://bugzilla.suse.com/show_bug.cgi?id=1181090