Security Connect 2021 is coming Jun 3. Register for free today!

All Products: Are Carbon Black products Vulnerable to CVE-2021-3156

All Products: Are Carbon Black products Vulnerable to CVE-2021-3156

Environment

  • All Products:  All Supported Versions
  • Linux:  All Supported Versions 
  • macOS:  All Supported Versions

Question

Are Carbon Black products vulnerable to CVE-2021-3156?

Answer

CVE-2021-3156 identifies an exploit in the sudo library provided by the underlying OS that allows privilege escalation to root via a heap-based buffer overflow.  Any linux or macOS machines running a version of sudo prior to 1.9.5p2 is vulnerable, including those running Carbon Black sensors/agents and servers running EDR clusters/single servers.  You may confirm the version of sudo on your linux/macOS machine by executing the following:
sudo sudo -V
Contact your OS vendor for details of availability of sudo 1.9.5p2 or higher for your OS since sudo is a component of the OS, and not the CarbonBlack product. 

 

Additional Notes


Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎01-28-2021
Views:
235
Contributors