logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

All Products: Are Carbon Black products Vulnerable to CVE-2021-3156

All Products: Are Carbon Black products Vulnerable to CVE-2021-3156

Environment

  • All Products:  All Supported Versions
  • Linux:  All Supported Versions 
  • macOS:  All Supported Versions

Question

Are Carbon Black products vulnerable to CVE-2021-3156?

Answer

CVE-2021-3156 identifies an exploit in the sudo library provided by the underlying OS that allows privilege escalation to root via a heap-based buffer overflow.  Any linux or macOS machines running a version of sudo prior to 1.9.5p2 is vulnerable, including those running Carbon Black sensors/agents and servers running EDR clusters/single servers.  You may confirm the version of sudo on your linux/macOS machine by executing the following: 
sudo sudo -V
Contact your OS vendor for details of availability of sudo 1.9.5p2 or higher for your OS since sudo is a component of the OS, and not the CarbonBlack product. 

 

Additional Notes


Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎01-28-2021
Views:
1161
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.