logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

All Products: Are Carbon Black products Vulnerable to CVE-2021-3156

All Products: Are Carbon Black products Vulnerable to CVE-2021-3156

Environment

  • All Products:  All Supported Versions
  • Linux:  All Supported Versions 
  • macOS:  All Supported Versions

Question

Are Carbon Black products vulnerable to CVE-2021-3156?

Answer

CVE-2021-3156 identifies an exploit in the sudo library provided by the underlying OS that allows privilege escalation to root via a heap-based buffer overflow.  Any linux or macOS machines running a version of sudo prior to 1.9.5p2 is vulnerable, including those running Carbon Black sensors/agents and servers running EDR clusters/single servers.  You may confirm the version of sudo on your linux/macOS machine by executing the following: 
sudo sudo -V
Contact your OS vendor for details of availability of sudo 1.9.5p2 or higher for your OS since sudo is a component of the OS, and not the CarbonBlack product. 

 

Additional Notes


Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎01-28-2021
Views:
1219
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.