Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:0222 - Security Advisory
Issued:
2021-01-26
Updated:
2021-01-26

RHSA-2021:0222 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: sudo security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for sudo is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

  • sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
  • Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.7 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
  • Red Hat Enterprise Linux Server - TUS 7.7 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7 x86_64

Fixes

  • BZ - 1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing

CVEs

  • CVE-2021-3156

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/RHSB-2021-002
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
x86_64
sudo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 3251d2de4a6c984fdd96e99a99e40afc415d26ff8e9447829c946c4278d2d787
sudo-debuginfo-1.8.23-4.el7_7.3.i686.rpm SHA-256: d342bff32e6bc072fcf2b52a14c49fb86cf9cf5e4f6f0375218af1c9653519a1
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-devel-1.8.23-4.el7_7.3.i686.rpm SHA-256: 4585772e20da3326b4edbb5023b6292bba74c9dce8e344d95718d459f70e397b
sudo-devel-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 1cadd3f5f63eb0a3da14d83b671b2610633bee721acecacd7cacf4e1a2f51d23

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
s390x
sudo-1.8.23-4.el7_7.3.s390x.rpm SHA-256: 50faa65c05e0e78b0e9ce87bf5ea4af880af2bf035d54d5570a1004359efa9b6
sudo-debuginfo-1.8.23-4.el7_7.3.s390.rpm SHA-256: 5bf17f3134e7706c4642c2032fe0e2f4e8d1f5c0458237a1d8c198afd057068f
sudo-debuginfo-1.8.23-4.el7_7.3.s390x.rpm SHA-256: 7fafd9cadd8ff55320f6a420965e4d9ccccd545c355a9edddbaca6fcb397da3b
sudo-debuginfo-1.8.23-4.el7_7.3.s390x.rpm SHA-256: 7fafd9cadd8ff55320f6a420965e4d9ccccd545c355a9edddbaca6fcb397da3b
sudo-devel-1.8.23-4.el7_7.3.s390.rpm SHA-256: f600a649db62c024187b7c4ba5db4fb9692696e00d543c6cf5fc3e3b62967774
sudo-devel-1.8.23-4.el7_7.3.s390x.rpm SHA-256: 33feaaed5ef26c6215299e670d3c127e2488f5267a9aba68036e163096007ffa

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
ppc64
sudo-1.8.23-4.el7_7.3.ppc64.rpm SHA-256: 6b826358aaf94203279877b29d6554a03c4a1a4fccff41716db30cea93d11227
sudo-debuginfo-1.8.23-4.el7_7.3.ppc.rpm SHA-256: 9ee70afeffd549654ea48ec99c27d2d18f0a4a93a538b5bc24e8eb236c459803
sudo-debuginfo-1.8.23-4.el7_7.3.ppc64.rpm SHA-256: a139931bf701c0ff17767ea342323c838624bd3231a2675610a3c81a593ec773
sudo-debuginfo-1.8.23-4.el7_7.3.ppc64.rpm SHA-256: a139931bf701c0ff17767ea342323c838624bd3231a2675610a3c81a593ec773
sudo-devel-1.8.23-4.el7_7.3.ppc.rpm SHA-256: af17791a05a0391a042b5b207c548c764c5d4244a3cf67dfd36e8bf2e2219432
sudo-devel-1.8.23-4.el7_7.3.ppc64.rpm SHA-256: 756e8a26a301eca414bf14bb69ada593592e39e81cdd7e88d99d3c0b8ada8a1b

Red Hat Enterprise Linux EUS Compute Node 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
x86_64
sudo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 3251d2de4a6c984fdd96e99a99e40afc415d26ff8e9447829c946c4278d2d787
sudo-debuginfo-1.8.23-4.el7_7.3.i686.rpm SHA-256: d342bff32e6bc072fcf2b52a14c49fb86cf9cf5e4f6f0375218af1c9653519a1
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-devel-1.8.23-4.el7_7.3.i686.rpm SHA-256: 4585772e20da3326b4edbb5023b6292bba74c9dce8e344d95718d459f70e397b
sudo-devel-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 1cadd3f5f63eb0a3da14d83b671b2610633bee721acecacd7cacf4e1a2f51d23

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
x86_64
sudo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 3251d2de4a6c984fdd96e99a99e40afc415d26ff8e9447829c946c4278d2d787
sudo-debuginfo-1.8.23-4.el7_7.3.i686.rpm SHA-256: d342bff32e6bc072fcf2b52a14c49fb86cf9cf5e4f6f0375218af1c9653519a1
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-devel-1.8.23-4.el7_7.3.i686.rpm SHA-256: 4585772e20da3326b4edbb5023b6292bba74c9dce8e344d95718d459f70e397b
sudo-devel-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 1cadd3f5f63eb0a3da14d83b671b2610633bee721acecacd7cacf4e1a2f51d23

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
ppc64le
sudo-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: c4a90e0d4771e1308b7f0fdaef17ff9c74caf0f3c64bcbdb4e88416f8a4d15b8
sudo-debuginfo-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: caabee3bc6382432c78b4263782de454b0a12f4b7cd9b9218e55af81996f90d8
sudo-debuginfo-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: caabee3bc6382432c78b4263782de454b0a12f4b7cd9b9218e55af81996f90d8
sudo-devel-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: ff7ce7969fe83d6369ceb3abb61c73e77be885a1cb4e348e57902e3eda303af8

Red Hat Enterprise Linux Server - TUS 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
x86_64
sudo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 3251d2de4a6c984fdd96e99a99e40afc415d26ff8e9447829c946c4278d2d787
sudo-debuginfo-1.8.23-4.el7_7.3.i686.rpm SHA-256: d342bff32e6bc072fcf2b52a14c49fb86cf9cf5e4f6f0375218af1c9653519a1
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-devel-1.8.23-4.el7_7.3.i686.rpm SHA-256: 4585772e20da3326b4edbb5023b6292bba74c9dce8e344d95718d459f70e397b
sudo-devel-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 1cadd3f5f63eb0a3da14d83b671b2610633bee721acecacd7cacf4e1a2f51d23

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
ppc64le
sudo-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: c4a90e0d4771e1308b7f0fdaef17ff9c74caf0f3c64bcbdb4e88416f8a4d15b8
sudo-debuginfo-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: caabee3bc6382432c78b4263782de454b0a12f4b7cd9b9218e55af81996f90d8
sudo-debuginfo-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: caabee3bc6382432c78b4263782de454b0a12f4b7cd9b9218e55af81996f90d8
sudo-devel-1.8.23-4.el7_7.3.ppc64le.rpm SHA-256: ff7ce7969fe83d6369ceb3abb61c73e77be885a1cb4e348e57902e3eda303af8

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7

SRPM
sudo-1.8.23-4.el7_7.3.src.rpm SHA-256: 008cfe0f8f321c1764471cd848a664b4616c2b70c8938aa805347021c489ee63
x86_64
sudo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 3251d2de4a6c984fdd96e99a99e40afc415d26ff8e9447829c946c4278d2d787
sudo-debuginfo-1.8.23-4.el7_7.3.i686.rpm SHA-256: d342bff32e6bc072fcf2b52a14c49fb86cf9cf5e4f6f0375218af1c9653519a1
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-debuginfo-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: b195d2d5473709a43d13eec214841e7cd9f4f9556a86d7e36531bbd5a9ec5bb3
sudo-devel-1.8.23-4.el7_7.3.i686.rpm SHA-256: 4585772e20da3326b4edbb5023b6292bba74c9dce8e344d95718d459f70e397b
sudo-devel-1.8.23-4.el7_7.3.x86_64.rpm SHA-256: 1cadd3f5f63eb0a3da14d83b671b2610633bee721acecacd7cacf4e1a2f51d23

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter