| Package | sudo |
|---|---|
| Version | 1.8.10p3-1+deb8u8 |
| Related CVEs | CVE-2021-3156 |
The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.
For Debian 8 jessie, these problems have been fixed in version 1.8.10p3-1+deb8u8.
We recommend that you upgrade your sudo packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.