The Pakistan Telecommunication Authority (PTA) has issued a Cybersecurity Advisory regarding a major vulnerability in Linux systems running older versions of the Sudo program.

The flaw, tracked as CVE-2021-3156 and commonly known as “Baron Samedit,” has been classified as a high-severity threat due to its potential to allow privilege escalation attacks.

According to the advisory, the vulnerability affects Sudo versions before 1.9.5p2. It can be exploited by attackers with access to low-privileged accounts to gain root privileges, even if those accounts are not listed in the system’s sudoers file. Since the sudoers file is present in most default Linux installations, the advisory warns that a wide range of systems may be exposed to this risk.

If left unpatched, the flaw could allow unauthorized users to take full control of affected systems, posing serious risks to critical infrastructure, businesses, and organizations relying on Linux-based servers. PTA noted that the exploit works by triggering a buffer overflow in Sudo, which makes it particularly dangerous because it bypasses standard security configurations.

The authority has urged organizations and system administrators to immediately upgrade to the patched version, Sudo v1.9.5p2, which addresses the flaw. The advisory further stresses the importance of implementing strict password policies, regularly updating operating systems and applications, and applying security patches without delay.

PTA also advised stakeholders to consult the official Sudo website for detailed patch and workaround information. The regulator cautioned that ignoring this vulnerability could result in privilege escalation attacks, potentially compromising sensitive data and undermining system integrity across vulnerable infrastructures.
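As an added example (not part of the PTA advisory or the Sudo project), the script below compares a version string taken from `sudo -V` with the fixed release 1.9.5p2 named above. The function names and the sample output are constructed for illustration. Distribution packages often backport the fix without changing the upstream version number, so a "before" result on a packaged build means the vendor's own advisory should be checked.

```shell
#!/bin/sh
# Added example (not from the advisory): flag upstream sudo version strings
# that are older than the fixed release named on this page, 1.9.5p2.
FIXED="1.9.5p2"

# "1.9.5p2" -> "1 9 5 2"; prints nothing if the string is not X.Y.Z[pN].
normalize() {
    printf '%s\n' "$1" |
        sed -n -E 's/^([0-9]+)\.([0-9]+)\.([0-9]+)(p([0-9]+))?$/\1 \2 \3 \5/p'
}

# Exit status: 0 = older than FIXED, 1 = FIXED or newer, 2 = unrecognised.
is_before_fix() {
    cur=$(normalize "$1")
    fix=$(normalize "$FIXED")
    [ -n "$cur" ] || return 2
    # Word splitting is intended; the trailing 0 stands in for a missing pN.
    set -- $cur 0; c1=$1 c2=$2 c3=$3 c4=$4
    set -- $fix 0
    for pair in "$c1:$1" "$c2:$2" "$c3:$3" "$c4:$4"; do
        l=${pair%:*}; r=${pair#*:}
        if [ "$l" -lt "$r" ]; then return 0; fi
        if [ "$l" -gt "$r" ]; then return 1; fi
    done
    return 1
}

# Pull the version out of `sudo -V` output (first line: "Sudo version X").
version_from_sudo_V() {
    sed -n '1s/^Sudo version //p'
}

# Report one version string as a single line of text.
classify() {
    if is_before_fix "$1"; then echo "$1: before $FIXED, upgrade"
    else
        case $? in
            1) echo "$1: $FIXED or newer" ;;
            *) echo "$1: unrecognised version string" ;;
        esac
    fi
}

# Constructed sample: the first lines of `sudo -V` from an old upstream build.
sample_output='Sudo version 1.8.31p2
Sudoers policy plugin version 1.8.31p2'
classify "$(printf '%s\n' "$sample_output" | version_from_sudo_V)"
# On a real host: classify "$(sudo -V | version_from_sudo_V)"
```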

By admin