All Products: Are Carbon Black products Vulnerable to CVE-2021-3156
All Products: All Supported Versions
Linux: All Supported Versions
macOS: All Supported Versions
Are Carbon Black products vulnerable to CVE-2021-3156?
CVE-2021-3156 identifies an exploit in the sudo library provided by the underlying OS that allows privilege escalation to root via a heap-based buffer overflow. Any linux or macOS machines running a version of sudo prior to 1.9.5p2 is vulnerable, including those running Carbon Black sensors/agents and servers running EDR clusters/single servers. You may confirm the version of sudo on your linux/macOS machine by executing the following:
sudo sudo -V
Contact your OS vendor for details of availability of sudo 1.9.5p2 or higher for your OS since sudo is a component of the OS, and not the CarbonBlack product.